/Forum/docs/AUTHORS
0,0 → 1,6
Please see: http://www.phpbb.com/about.php for a list of all the people involved in phpBB.
Please see: http://www.phpbb.com/about.php for a list of people involved within the security audit of phpBB (since phpBB 2.0.17).
 
[September 2005]
Our special thanks goes to our former developer and manager psoTFX (Paul S. Owen) for being a wonderful teammate and talented programer.
He was a driving force in the project for over 3 years and helped a lot in making phpBB what it is now.
/Forum/docs/CHANGELOG.html
0,0 → 1,819
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html">
<meta http-equiv="Content-Style-Type" content="text/css">
<title>phpBB 2.0.x :: Changelog</title>
<link rel="stylesheet" href="../templates/subSilver/subSilver.css" type="text/css" />
<style type="text/css">
<!--
p,ul,td {font-size:10pt;}
.h2 {font-size:15pt;font-weight:bold;color:red}
.h3 {font-size:12pt;color:blue}
//-->
</style>
</head>
<body bgcolor="#E5E5E5" text="#000000" link="#006699" vlink="#006699">
 
<table width="100%" border="0" cellspacing="0" cellpadding="10" align="center">
<tr>
<td class="bodyline"><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td>
 
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><img src="../templates/subSilver/images/logo_phpBB.gif" border="0" alt="phpBB 2 : Creating Communities" vspace="1" /></a></td>
<td align="center" width="100%" valign="middle"><span class="maintitle">phpBB 2.0.x CHANGELOG</span></td>
</tr>
</table>
 
<!-- BEGIN DOCUMENT -->
<ol>
<li><a href="#changelog">Changelog</a></li>
<ol type="i">
<li><a href="#2020">Changes since 2.0.20</a></li>
<li><a href="#2019">Changes since 2.0.19</a></li>
<li><a href="#2018">Changes since 2.0.18</a></li>
<li><a href="#2017">Changes since 2.0.17</a></li>
<li><a href="#2016">Changes since 2.0.16</a></li>
<li><a href="#2015">Changes since 2.0.15</a></li>
<li><a href="#2014">Changes since 2.0.14</a></li>
<li><a href="#2013">Changes since 2.0.13</a></li>
<li><a href="#2012">Changes since 2.0.12</a></li>
<li><a href="#2011">Changes since 2.0.11</a></li>
<li><a href="#2010">Changes since 2.0.10</a></li>
<li><a href="#209">Changes since 2.0.9</a></li>
<li><a href="#208">Changes since 2.0.8</a></li>
<li><a href="#207">Changes since 2.0.7</a></li>
<li><a href="#206">Changes since 2.0.6</a></li>
<li><a href="#205">Changes since 2.0.5</a></li>
<li><a href="#204">Changes since 2.0.4</a></li>
<li><a href="#203">Changes since 2.0.3</a></li>
<li><a href="#202">Changes since 2.0.2</a></li>
<li><a href="#201">Changes since 2.0.1</a></li>
<li><a href="#200">Changes since 2.0.0</a></li>
<li><a href="#final">Changes since RC-4</a></li>
<li><a href="#rc4">Changes since RC-3</a></li>
<li><a href="#rc3">Changes since RC-2</a></li>
<li><a href="#rc2">Changes since RC-1</a></li>
<li><a href="#rc1">Changes since RC-1 (pre)</a></li>
</ol>
<li><a href="#disclaimer">Disclaimer</a></li>
</ol>
 
<a name="changelog"></a><h2 class="h2"><u>1. Changelog</u></h2>
 
<p>This is a non-exhaustive (but still near complete) changelog for phpBB 2.0.x including beta and release candidate versions. Our thanks to all those people who've contributed bug reports and code fixes.</p>
 
<a name="2020"></a><h3 class="h3">l.i. Changes since 2.0.20</h3>
 
<ul>
<li>[Fix] Changes to random number generator code to explicitly truncate the length of the string</li>
<li>[Fix] Quoting on boards with HTML enabled</li>
<li>[Fix] Special characters on boards with HTML enabled</li>
<li>[Fix] Redirect to list if cancelling deletion of ranks, smilies or word censors</li>
<li>[Fix] Missing error message if an inactive user tried to login (Bug #1598)</li>
<li>[Fix] Do not alter post counts when just removing a poll (Bug #1602)</li>
<li>[Fix] Correct error in removal of old session keys</li>
<li>[Fix] Changed filtering of short search terms</li>
<li>[Sec] Improved filtering on language selection (also addresses a number of bug reports related to missing languages)</li>
<li>[Change] Backported more efficient highlighting code from Olympus</li>
<li>[Change] Backported zlib emulation code so that there is only a single confirmation image even if zlib is not available</li>
</ul>
 
 
<a name="2019"></a><h3 class="h3">l.ii. Changes since 2.0.19</h3>
 
<ul>
<li>[Fix] Prevent login attempts from incrementing for inactive users</li>
<li>[Fix] Do not check maximum login attempts on re-authentication to the admin panel - tomknight</li>
<li>[Fix] Regenerate session keys on password change</li>
<li>[Fix] retrieving category rows in index.php (Bug #90)</li>
<li>[Fix] improved index performance by determining the permissions before iterating through all forums (Bug #91)</li>
<li>[Fix] Better handling of short usernames within the search (bug #105)</li>
<li>[Fix] Send a no-cache header on admin pages as well as normal board pages (Bug #149)</li>
<li>[Fix] Apply word censors to the message when quoting it (Bug #405)</li>
<li>[Fix] Improved performance of query in admin_groups (Bug #753)</li>
<li>[Fix] Workaround for an issue in either PHP or MSSQL resulting in a space being returned instead of an empty string (bug #830)</li>
<li>[Fix] Correct use of default_style config value (Bug #861)</li>
<li>[Fix] Replace unneeded unset calls in admin_db_utilities.php - vanderaj</li>
<li>[Fix] Improved error handling in modcp.php</li>
<li>[Fix] Improved handling of forums to which the user does not have any explicit permissions - vanderaj</li>
<li>[Fix] Assorted fixes and cleanup of admin_ranks.php, now requires confirmation of deletions</li>
<li>[Fix] Assorted fixes and cleanup of admin_words.php, now requires confirmation of deletions</li>
<li>[Fix] Addition and editing of smilies can no longer be performed via GET, now requires confirmation of deletions</li>
<li>[Fix] Escape group names in admin_groups.php</li>
<li>[Sec] Replace strip_tags with htmlspecialchars in private message subject</li>
<li>[Sec] Some changes to HTML handling if enabled</li>
<li>[Sec] Escape any special characters in reverse dns - Anthrax101</li>
<li>[Sec] Typecast poll id values - Anthrax101</li>
<li>[Sec] Added configurable search flood control to reduce the effect of DoS style attacks</li>
<li>[Sec] Changed the way we create "random" values for use as keys - chinchilla/Anthrax101</li>
<li>[Change] Changed handling of the case where a selected style doesn't exist in the database</li>
<li>[Change] Changed handling of topic pruning to improve performance</li>
<li>[Change] Changed default forum permissions to only allow registered users to post in new forums</li>
</ul>
 
 
<a name="2018"></a><h3 class="h3">l.iii. Changes since 2.0.18</h3>
 
<ul>
<li>[Fix] corrected index on session keys table under MS SQL</li>
<li>[Fix] added session keys table to backup</li>
<li>[Fix] delete session keys entries when deleting user</li>
<li>[Fix] changes to support MySQL 5.0</li>
<li>[Fix] changes to some of the admin files to improve efficiency and remove a potential error condition when building the menu</li>
<li>[Fix] change truncation of username length in usercp_register.php - BFUK</li>
<li>[Fix] incorrect path to avatars in admin_users.php (Bug #667)</li>
<li>[Fix] fixed get_userdata to support correct sql escaping (non-mysql dbs) - jarnaez</li>
<li>[Fix] fixed captcha for those not having the zlib extension enabled</li>
<li>[Change] Placed version information above who is online in admin panel for better visual presence</li>
<li>[Sec] fixed XSS issue (only valid for Internet Explorer) within the url bbcode</li>
<li>[Sec] fixed XSS issue if html tags are allowed and enabled</li>
<li>[Sec] added configurable maximum login attempts to prevent dictionary attacks</li>
</ul>
 
 
<a name="2017"></a><h3 class="h3">l.iv. Changes since 2.0.17</h3>
 
<ul>
<li>[Fix] incorrect handling of password resets if admin activation is enabled (Bug #88)</li>
<li>[Fix] wrong topic redirection after login redirect (Bug #94)</li>
<li>[Fix] improved handling of username lists in admin_ug_auth.php (Bug #98)</li>
<li>[Fix] incorrect removal of bbcode_uid values if bbcode has been turned off (Bug #100)</li>
<li>[Fix] correctly preview signature if editing other users posts (Bug #101)</li>
<li>[Fix] incorrect alt tag on generated search images in groupcp.php, viewtopic.php and usercp_viewprofile.php (Bug #102)</li>
<li>[Fix] consistent forum ordering in all dropdown boxes (Bug #106)</li>
<li>[Fix] correctly get compression status in page_tail.php and page_footer_admin.php (Bug #117)</li>
<li>[Fix] set page title on summary page of groupcp.php (bug #125)</li>
<li>[Fix] correctly test style and avatar in usercp_register.php (bug #129 and #317)</li>
<li>[Fix] handling of reactivation notifications if admin activation is enabled (Bug #145)</li>
<li>[Fix] handling of both forms of translation information used in language packs (Bug #159)</li>
<li>[Fix] key length for activation keys fixed in usercp_sendpassword.php (Bug #171)</li>
<li>[Fix] use GENERAL_MESSAGE constant in message_die instead of MESSAGE (Bug #176)</li>
<li>[Fix] incorrect handling of move stubs (Bug #179)</li>
<li>[Fix] wrong mode_type in memberlist (Bug #187)</li>
<li>[Fix] SQL errors when setting maximum PMs to 0 (Bug #188)</li>
<li>[Fix] removed unused variable from topic_notify email template (Bug #210)</li>
<li>[Fix] removed unset variable from smilies popup window title (Bug #224)</li>
<li>[Fix] removed duplicate template assignment from admin_board.php (Bug #226)</li>
<li>[Fix] incorrect search link for guest posts in modcp.php (Bug #254)</li>
<li>[Fix] all users removed from topics watch table on special occassions (Bug #271)</li>
<li>[Fix] correctly check returned value from strpos in append_sid function (Bug #275)</li>
<li>[Fix] correctly display username in private message notification (Bug #278)</li>
<li>[Fix] fixed "var-by-ref" errors (Bug #322)</li>
<li>[Fix] changed redirection to installation (Bug #325)</li>
<li>[Fix] added timout of 10 seconds to version check (Bug #348)</li>
<li>[Fix] fixed user_level default in postgresql schema file (Bug #444)</li>
<li>[Fix] multiple minor HTML issues with subSilver</li>
<li>[Change] deprecated the use of some PHP 3 compatability functions in favour of the native equivalents</li>
<li>[Change] added 60 days limit for grabbing unread topics in index.php</li>
 
<li>[Sec] backport of session keys system from olympus</li>
<li>[Sec] fixed email bans to use the same pattern as email validation and allow wildcard domain bans</li>
<li>[Sec] fixed validation of topic type when posting</li>
<li>[Sec] unset database password once it is no longer needed</li>
<li>[Sec] fixed potential to select images outside the specified path as avatars or smilies</li>
<li>[Sec] fix globals de-registration code for PHP5 - (Stefan Esser/Matt Kavanagh)</li>
<li>[Sec] changed avatar gallery code sections to prevent possible injection points (AnthraX101)</li>
<li>[Sec] signature field is not properly sanitised for user input when an error occurs while accessing the avatar gallery (AnthraX101)</li>
<li>[Sec] check to_username and ownership when editing a PM (AnthraX101)</li>
<li>[Sec] fixed ability to edit PM's you did not send (depablo84)</li>
<li>[Sec] compare imagetype on avatar uploading to match the file extension from uploaded file</li>
</ul>
 
<a name="2016"></a><h3 class="h3">l.v. Changes since 2.0.16</h3>
 
<ul>
<li>Added extra checks to the deletion code in privmsg.php - reported by party_fan</li>
<li>Fixed XSS issue in IE using the url BBCode</li>
<li>Fixed admin activation so that you must have administrator rights to activate accounts in this mode - reported by ieure</li>
<li>Fixed get_username returning wrong row for usernames beginning with numerics - reported by Ptirhiik</li>
<li>Pass username through phpbb_clean_username within validate_username function - AnthraX101</li>
<li>Fixed PHP error in message_die function</li>
<li>Fixed incorrect generation of {postrow.SEARCH_IMG} tag in viewtopic.php - reported by Double_J</li>
<li>Also fixed above issue in usercp_viewprofile.php</li>
<li>Fixed incorrect setting of user_level on pending members if a group is granted moderator rights - reported by halochat</li>
<li>Fixed ordering of forums on admin_ug_auth.php to be consistant with other pages</li>
<li>Correctly set username on posts when deleting a user from the admin panel</li>
</ul>
 
<a name="2015"></a><h3 class="h3">l.vi. Changes since 2.0.15</h3>
 
<ul>
<li>Fixed critical issue with highlighting - <b>Discovered and fix provided by Ron van Daal</b></li>
<li>Url descriptions able to be wrapped over more than one line again</li>
<li>Fixed bug with eAccelerator in admin_ug_auth.php</li>
<li>Check new_forum_id for existence in modcp.php - <b>alessnet</b></li>
<li>Prevent uploading avatars with no dimensions - <b>Xpert</b></li>
<li>Fixed bug in usercp_register.php, forcing avatar file removal without updating avatar informations within the database - <b>HenkPoley</b></li>
<li>Fixed bug in admin re-authentication redirect for servers not having index.php as one of their default files set</li>
</ul>
 
<a name="2014"></a><h3 class="h3">l.vii. Changes since 2.0.14</h3>
 
<ul>
<li>Fixed moderator status removal in groupcp.php</li>
<li>Removed newlines after ?&gt; on some files - <b>Thoul</b></li>
<li>Added admin re-authentication (admin needs to login seperatly to access the ACP) - backported from Olympus</li>
<li>Fixed vulnerability in url/bbcode handling functions - <b>PapaDos and Paul/Zhen-Xjell from CastleCops</b></li>
<li>Fixed issue in admin/admin_forums.php</li>
<li>Suppressed warning message for fsockopen in /includes/smtp.php - <b>Thoul</b></li>
<li>Fixed bug in admin/admin_smilies.php (admin is able to add empty smilies) - <b>Exy</b></li>
<li>Adjusted documents to reflect the urgent need to update the files too (not only running the database update script)</li>
<li>Updated the readme file</li>
<li>Added one new language variable</li>
<li>Added general error if accessing profile for a non-existent user</li>
<li>Changed session id generation to be more unique - <b>Henno Joosep</b></li>
<li>Fixed bug in highlight code to escape characters correctly</li>
<li>Reversed the 2.0.14 fix for postgresql because it produced more problems than it solves.</li>
<li>Added reference to article written by R45 about case-sensitivity in postgreSQL to the readme file</li>
<li>Fixed bypassing of validate_username on registration - Yen</li>
<li>Empty url/img bbcodes no longer get parsed</li>
</ul>
 
<a name="2013"></a><h3 class="h3">l.viii. Changes since 2.0.13</h3>
 
<ul>
<li>Hardened author and keyword search a bit to not allow very server intensive searches</li>
<li>Fixed full path disclosure in bad word parsing</li>
<li>Resetting complete userdata array in session code if authentication fails</li>
<li>Fixed bug in moderator control panel where certain parameters could lead to an "error creating new session" sql error</li>
<li>Fixed bug in session code where empty page ids could lead to an "error creating new session" sql error</li>
<li>Fixed html handling in signatures if html is turned off globally</li>
<li>Fixed install.php problem with PHP5 register_long_arrays option turned off</li>
<li>Fixed potential issues with styling system</li>
<li>Added correct class to login_body template file</li>
<li>Removed file db/oracle.php from package</li>
<li>Removed version number from message body page in /admin (if user is not an admin) - <b>mikelbeck</b></li>
<li>Fixed case-sensitivity issues in postgres7.php - <b>R45</b></li>
</ul>
 
<a name="2012"></a><h3 class="h3">l.ix. Changes since 2.0.12</h3>
 
<ul>
<li>Ommitted preg_replace warning in viewtopic due to improper working of preg_quote in PHP - originally reported by matrix_killer, fix submitted by another party</li>
<li>Fixed high severity issue in session handling allowing everyone gaining administrator rights. Please update as soon as possible.</li>
<li>Minimum requirements raised to PHP 4.0.3 or above due to fixing vulnerability issues breaking PHP3 compatibility.</li>
</ul>
 
<a name="2011"></a><h3 class="h3">l.x. Changes since 2.0.11</h3>
 
<ul>
<li>Added confirm table to admin_db_utilities.php</li>
<li>Prevented full path display on critical messages</li>
<li>Fixed full path disclosure in username handling caused by a PHP 4.3.10 bug - <b>AnthraX101</b></li>
<li>Added exclude list to unsetting globals (if register_globals is on) - <b>SpoofedExistence</b></li>
<li>Fixed arbitrary file disclosure vulnerability in avatar handling functions - <b>AnthraX101</b></li>
<li>Fixed arbitrary file unlink vulnerability in avatar handling functions - <b>AnthraX101</b></li>
<li>Removed version number from powered by line</li>
<li>Merged database update files to update_to_latest.php file</li>
<li>Fixed path disclosure bug in search.php caused by a PHP 4.3.10 bug (related to AnthraX101's discovery)</li>
<li>Fixed path disclosure bug in viewtopic.php caused by a PHP 4.3.10 bug - <b>matrix_killer</b></li>
</ul>
 
<a name="2010"></a><h3 class="h3">l.xi. Changes since 2.0.10</h3>
 
<ul>
<li>Fixed vulnerability in highlighting code (<b>very high severity, please update your installation as soon as possible</b>)</li>
<li>Fixed unsetting global vars - <b>Matt Kavanagh</b></li>
<li>Fixed XSS vulnerability in username handling - <b>AnthraX101</b></li>
<li>Fixed not confirmed sql injection in username handling - <b>warmth</b></li>
<li>Added check for empty topic id in topic_review function</li>
<li>Added visual confirmation mod to code base</li>
</ul>
 
<a name="209"></a><h3 class="h3">l.xii. Changes since 2.0.9</h3>
 
<ul>
<li>Fixed deleting of styles in admin_styles.php</li>
<li>Fixed wrong unsetting of variables introduced in phpBB 2.0.9, making the board non-functional for users with specific php.ini settings</li>
<li>Added code to let phpBB work with PHP5 for those having register_long_arrays set to off (default settings) - running phpBB 2.0.x with PHP5 is not supported at http://www.phpbb.com.</li>
<li>Fixed bug in admin_board.php for board settings having single quotes in it</li>
<li>Fixed "search by author" in search.php. Now it is possible to search for users with special chars in their name too</li>
<li>Fixed forum jumpbox propagating session id in moderator control pages</li>
<li>Added check for newlines at redirecting pages, to prevent http response splitting attacks - <b>Ory Segal and Amit Klein</b></li>
<li>Fixed visual confirmation code. The image was not created due to a wrong regular expression.</li>
</ul>
 
<a name="208"></a><h3 class="h3">l.xiii. Changes since 2.0.8</h3>
 
<ul>
<li>Fixed one vulnerability in admin_board.php - <b>Xore</b></li>
<li>Added checking for proper session id characters to sessions and viewtopic to prevent injections - <b>Bartlomiej Korupczynski</b></li>
<li>Fixed injection vulnerabilities possible with linked avatars</li>
<li>Implemented unsetting globalised variables</li>
<li>Limited confirm switch to POST variable in posting</li>
<li>Changed IP code in common.php to prevent IP spoofing, which might introduce some problems with private IP Ranges showing up. - <b>Wang Products</b></li>
<li>Updated visual confirmation mod [pre-edited files]</li>
<li>Moved obtaining word censors in modcp out of topic generation loop [increased performance/lower query count] - spotted by <b>R45</b></li>
<li>Added the ability to link to https/ftps sites using the img bbcode tag</li>
<li>Fixed user online information in admin/index.php</li>
<li>Fixed getting group moderator in groupcp.php if running oracle backend - spotted by <b>pakman</b></li>
<li>Fixed use of non-existing result variable in modcp (poster_id instead of user_id)</li>
<li>Fixed several vulnerabilities (XSS, SQL Injection and path disclosure) only possible with register_globals enabled - <b>Matthew C. Kavanagh, Janek Vind</b></li>
<li>Fixed problem with SID not delivered to next page in groupcp.php</li>
</ul>
 
<a name="207"></a><h3 class="h3">l.xiv. Changes since 2.0.7</h3>
 
<ul>
<li>Fixed several vulnerabilities in admin pages</li>
<li>Fixed sid checking code in admin/pagestart.php</li>
<li>Fixed injection vulnerabilities possible with the img bbcode tag</li>
<li>Limited allowed images in img bbcode tag to jpg, jpeg, gif and png</li>
<li>Fixed redirect problems - 2.0.7a</li>
<li>Fixed sql injection vulnerability in search - 2.0.7a</li>
<li>Fixed sql injection vulnerability in privmsg - 2.0.8a</li>
</ul>
 
<a name="206"></a><h3 class="h3">1.xv. Changes since 2.0.6</h3>
 
<ul>
<li>Fixed several vulnerabilities in modcp - <b>Robert Lavierck</b></li>
<li>Changed whois lookup address within admin index</li>
<li>Fixed potential vulnerability in viewtopic postorder - 2.0.6d</li>
<li>Updates to cope with Zend Optimizer 2.5 problems - 2.0.6d - <b>jetset</b></li>
<li>Force specialcharing of redirect variable in login - <b>Pit</b></li>
<li>Fixed potential vulnerability in viewtopic postdays - <b>GulfTech Security Research</b></li>
<li>Fixed potential vulnerability in viewforum topicdays - <b>GulfTech Security Research</b></li>
<li>Fixed potential vulnerability in modcp</li>
<li>Fixed potential vulnerability in avatar gallery</li>
</ul>
 
<a name="205"></a><h3 class="h3">1.xvi. Changes since 2.0.5</h3>
 
<ul>
<li>Fixed various email issues</li>
<li>Fixed registration email bug with Administrator Confirmation used</li>
<li>Fixed mass emailer</li>
<li>Fixed long post time issue</li>
<li>Fixed bug with usernames containing single quotes</li>
<li>Fixed word list bug - Word boundaries were not considered</li>
<li>Fixed vulnerability in style admin</li>
<li>Fixed sql injection vulnerability in viewtopic</li>
<li>Fixed vulnerability allowing server side variable access in search - <b>tendor</b></li>
<li>Fixed potential vulnerability in 2.0.5 login username entry - <b>throw away/eomer</b></li>
<li>Fixed sql injection with reset date format field in profile - <b>tendor</b></li>
</ul>
 
<a name="204"></a><h3 class="h3">1.xvii. Changes since 2.0.4</h3>
 
<ul>
<li>Removed user facing session_id checks</li>
<li>Fixed user self-activation after deactivation</li>
<li>Fixed incorrect functioning of phpbb_realpath</li>
<li>Fixed wrong path to database schema files within the upgrade script</li>
<li>Fixed double quote problem with username validation</li>
<li>Allow & within email addresses</li>
<li>Fixed email validation for banned email addresses</li>
<li>Removed underline from email domain validation</li>
<li>Fixed redirection for sentbox folder, installation and email</li>
<li>Fixed poll deletion</li>
<li>Fixed Mozilla navigation bar</li>
<li>Fixed URL bbcode parsing</li>
<li>Fixed database timeouts while searching the forums</li>
<li>Fixed wrong email return path in admin mass mailing - <b>netclectic</b></li>
<li>Fixed MS-SQL failures within the update script</li>
<li>Fixed memberlist sort order</li>
<li>Fixed not showing leading spaces within Code BBCode</li>
<li>Fixed problem with adding double quotes to subject titles</li>
<li>Remove username input field from profile when user cannot change name</li>
<li>Fixed pagination error with highlighting</li>
<li>Fixed errors if no smilies are installed</li>
<li>Fixed CSS issues with IE 5.2 on MacOS X</li>
<li>Fixed missing sid propagation problem within the Moderator Control Panel</li>
<li>Fixed language variables within Authentication error output</li>
<li>Removed doubled CSS class definitions within input fields</li>
<li>Fixed username change within the Administration Panel</li>
<li>Added missing &lt;tr&gt; tags to index_body.tpl</li>
<li>Added missing username language variable to admin index page</li>
<li>Fixed moderator status update if a usergroup got deleted</li>
<li>Fixed poll handling upon post edit</li>
<li>Fixed remove common words from search table if post get pruned - <b>Nuttzy99</b></li>
<li>Fixed behaviour on splitting topics if no checkbox is selected</li>
<li>Anonymous is no longer displayed within Username dropdown boxes</li>
<li>Fixed viewprofile redirection if an invalid mode was specified</li>
<li>Fixed fraction settings within determining common words - <b>Novan</b></li>
<li>Prevent admin change usernames to his own within the ACP</li>
<li>Activation email is sent to all admins</li>
<li>Fixed conversion of &amp; to &amp;amp; in appropriate cases</li>
<li>Fixed display of "greater than topics per page" announcements preventing display of normal posts</li>
<li>Added variable checks to database backup and restore screen</li>
<li>Prevented pm popup window from resetting after visiting avatar gallery</li>
<li>Fixed special character handling with word censor</li>
<li>Added SID to jumpbox</li>
<li>Fixed problems with usernames using html special chars</li>
<li>Added GMT + 13 to English lang_main, all translators are encouraged to do likewise</li>
<li>Deleted doubled 'U_MEMBERLIST' assignment from page_header.php</li>
<li>Fixed wrong display of Signature Checkbox while editing Private Message</li>
<li>Fixed disappearing post text if emoticon was inserted directly after pressing a BBCode button</li>
<li>Display correct alt-tag for smilies within postings</li>
<li>Prevented the ability to apply BBCode to website contents</li>
<li>Fixed maxlength issue with password field in login_body.tpl</li>
<li>Fixed possible username duplication issue with validation and username length</li>
<li>Fixed split words function to handle additional foreign characters</li>
<li>Changed empty email To Field to use a non-disclosure delimiter</li>
<li>Fixed wrong language var in install.php - FTP Config screen</li>
<li>Fixed alt tag for locked topic images in viewforum_body.tpl</li>
<li>Fixed typo in groupcp.php - $lang['Unsub_success'] instead of $lang['Usub_success']</li>
<li>Fixed timezone display</li>
<li>Fixed wrong display of author quote tag within profile - <b>Cl1mh4224rd</b></li>
<li>Added deletion of sessions of users whose account is deactivated</li>
<li>Added mail header X-MimeOLE to the emailer class</li>
<li>Prevent registration if user is logged in or user trying to register again</li>
<li>Prevent usage of char(255) in usernames</li>
<li>Added check for additional FORWARDED_FOR IP's - <b>cosmos</b></li>
<li>Fixed handling of non-selection of option when voting</li>
<li>Fixed potential xss issue with memberslist mode</li>
<li>Default English support for visual confirmation - translators are encouraged to support this</li>
</ul>
 
<a name="203"></a><h3 class="h3">1.xviii. Changes since 2.0.3</h3>
 
<ul>
<li>Fixed cross-browser scripting issue with highlight param</li>
<li>Back-ported highlighting code from phpBB 2.2</li>
<li>Add session id validation to posting, profile, email, voting - <b>Edwin van Vliet</b></li>
<li>Added {S_HIDDEN_FIELDS} template var to profile_send_email.tpl</li>
<li>Added "intval" fix for flood check, may resolve some issues</li>
<li>Added missing index to post_id for search_wordmatch</li>
<li>Fixed spelling error in search add words preventing use of stopword list</li>
<li>Fixed issue with search common words not being run</li>
<li>Introduce viewtopic resync patch by Ashe</li>
<li>Replace a for n in templating code</li>
<li>Fixed ordering in memberslist</li>
<li>Fixed group_id sequence issues with pgsql and msaccess</li>
<li>Fixed assumption of word censors in user notification</li>
<li>Fixed incorrect display of quotes in user management fields</li>
<li>Fixed entry of special chars in all profile fields - note this may cause temporary issues</li>
<li>Fixed incorrect display of quotes when using avatar gallery</li>
<li>Fixed missing username in email sent to users when admin activated</li>
<li>Added check for non-empty smiley code and url in smiley admin</li>
<li>Prevent display of -- sig seperator in emails when no board sig exists</li>
<li>Fixed URL propagated sid issues with jumpbox</li>
<li>Fixed wrong mode name check (polldelete) in functions_post</li>
<li>Added missing root path to l10n image path check</li>
<li>Remove validation of fields when deleting a user</li>
<li>Fixed sort mode select box in memberslist to default to current mode</li>
<li>Deny inline topic review listing to users without auth_read permissions</li>
<li>Prevent display of topic notification checkbox if user cannot read forum</li>
<li>Remove incorrect pre-pending of IP to uploaded avatars</li>
<li>Fixed deletion of uploaded avatars when changing to remote/gallery</li>
<li>Added check for non-blank line during install schema/basic sql ops</li>
<li>Added sort ordering to Top Ten poster listing by request</li>
<li>Fixed incorrect error report when altering case of username</li>
<li>Added jumpbox output to modcp {JUMPBOX} will now work</li>
<li>Fixed non-updating of users with MOD levels when deleting a forum</li>
<li>Remove email to group moderator when approving new members</li>
<li>Fixed non-handling of HTML in poll options</li>
<li>Fixed non-deletion of polls when deleting forum and its posts</li>
<li>Fixed moved shadow topic from being bumped upon reply</li>
<li>Changed field size of timezone to decimal(5,2) where applicable</li>
<li>Fixed missing sid append to URL when redirecting to newest reply</li>
<li>Fixed missing slashes in private IP preg check</li>
<li>Fixed session not setting userdata['user_id'] to ANON as appropriate</li>
<li>Added check for non-empty name in disallow admin</li>
<li>Fixed validation of SSL website addresses in profile</li>
<li>Fixed inability of admins to upload avatars via user admin panel</li>
<li>Fixed non-deletion of private message text upon full box overwrite</li>
<li>Fixed incorrect error message in smiley admin</li>
<li>Fixed incorrect alt-text for "Stop Watching Topic" image</li>
<li>Temporary fix for missing lang strings in forum admin - translators should update their packages if not done already</li>
<li>Use selected localisation during later stages of installation</li>
<li>Fixed non-check of permissions when deleting a topic via Moderator Control Panel</li>
<li>Fixed non-update of banlist upon user deletion</li>
<li>Check approved users boxes by default in usergroup approve form</li>
<li>Fixed non-appending of sid to backup meta refresh</li>
<li>Fixed non-notification of no support for certain databases in backup/restore</li>
<li>Added $images var to message die global declaration</li>
<li>Fixed wrong string, Private_message in Private Messaging</li>
<li>Add mail send result to error output</li>
<li>Fixed non-appending of sid to Mozilla nav bar menu items</li>
<li>Fixed incorrect profile linking from MSNM url in private messaging</li>
<li>Grammatical errors in English lang_main fixed - <b>Cluster</b></li>
<li>Allow deletion of avatar and simultaneous upload/linking/gallery selection</li>
<li>Fixed non-updating of user rank when changing from special to normal rank in rank admin</li>
<li>Changed user topic notification default in schemas to 0 (off)</li>
<li>Fixed non-XHTML compliant img tags in privmsg.php</li>
<li>Fixed non-deletion of announcements and polls when removing forum contents in forum admin</li>
<li>Fixed non-pruning of watched topics table when pruning related topics</li>
<li>Enable GET redirect on logout</li>
<li>Added check for IE6.x to viewtopic ICQ indicator javascript</li>
<li>Fixed empty username quoting with MS-SQL</li>
<li>Fixed BBCode url, magic url and img tags to allow most chars beyond domain names</li>
<li>Prevent parsing of -ve size values in BBCode size tag</li>
<li>Back ported HTML handler from 2.2, this may impact some boards which allow complex HTML - existing parser remains but commented out</li>
<li>Fixed parsing of word censors to not censor words within &lt; and &gt; tag delimiters</li>
<li>Fixed database utilities failing to backup data with MySQL</li>
<li>Fixed signature parsing in User Admin</li>
<li>Fixed missing class="post" tags in subSilver Admin templates</li>
<li>Fixes for paths under Apache2</li>
<li>Added wrap text with tag support for posting in Mozilla 1.1+</li>
<li>Fixed use of missing CSS classes in modcp_split, group_info_body, error_body and agreement</li>
<li>Fixed ability of users to edit polls even after they have received votes</li>
<li>Fixed header Location to be absolute URL as per HTTP 1.1 spec - noted by <b>PhilippK</b></li>
<li>Added additional session_id checks to MCP, topic subscription, PM and similar items</li>
<li>Fixed colour select box in posting_body to reset to Default colour after selection</li>
<li>Altered PM icon to show new image until messages have been read</li>
<li>Fixed incomplete deletion of PMs when removing the associated user</li>
<li>Fixed unread and new PM user counters to decrement appropriately in all situations</li>
<li>Fixed possible cross-site scripting issue with username search</li>
<li>Fixed some problems with gzip in combination with newer PHP versions and Mozilla</li>
<li>Fixed wrong maxlength in modcp_split.tpl subject field</li>
<li>Fixed inability to edit username of guest poster - <b>vHiker</b></li>
<li>Fixed ability for guests to post with certain registered usernames</li>
<li>Fixed various HTML issues to improve XHTML compliance - <b>Daz</b></li>
<li>Fixed missing template var {L_PM} for memberslist - <b>Daz</b></li>
<li>Fixed wrong key name for $images['Topic_un_watch'] - <b>Daz</b></li>
<li>Fixed missing template var {S_WATCH_TOPIC_IMG} for viewtopic - <b>Daz</b></li>
<li>Fixed missing default constraints for post table under MSSQL</li>
<li>Fixed incorrect field size for forum pruning - preventing days > 256</li>
<li>Fixed continuing redirect issues for broken web servers, e.g. IIS+CGI PHP</li>
<li>Fixed inability to use ftp as a protocol for the [img] tag</li>
<li>Fixed incorrect handling of [img] tags containing %20 encoded spaces</li>
<li>Added check for . within cookie_name, change to _ if present</li>
<li>Added SHOW_ONLINE constant to limit "users online" code operation to index and viewforum</li>
<li>Added "temporary" workaround for Apache2 + PHP module ignoring "private" cache header</li>
<li>Added workaround for modcp IP lookup and links to Anonymous user profile</li>
<li>Fixed broken bbcode parsing of quotes containing bbcode in the "username"</li>
<li>Fixed excess slashes in [quote=""] first pass encoding</li>
<li>Fixed rendering issue with quote button under Mozilla - <b>Daz</b></li>
<li>Grammatical errors in remaining core lang files fixed - <b>Cluster</b></li>
<li>Fixed bbcode quote breaking when username contained ] before [</li>
<li>Fixed duplicate group_id error during upgrade of users from phpBB 1.x</li>
<li>Fixed stripslashes() problem with the conversion of the config table from phpBB 1.x</li>
<li>Rejiggled validation code, may eliminate "Username disallowed" issues</li>
<li>Fixed differing initial "public" setting of forum permissions between different files</li>
<li>Added check for invalid (non-compliant) email addresses to upgrade script</li>
<li>Further redirect workarounds for broken servers, please direct further issues to the vendors</li>
<li>Added GMT + 13 to English lang_main, all translators are encouraged to do likewise</li>
<li>Added switch to default_lang email template if user lang template no longer exists</li>
<li>Fixed javascript error when selecting smiley containing a single quote</li>
<li>Update users watched topic if a post they made is split into a new topic</li>
<li>Fixed situations where email templates contain incorrect or missing subject lines</li>
<li>Fixed error when searching for posts and no forums exist</li>
<li>Fixed potential SQL vulnerability with marking of private messages - <b>Ulf Harnhammar</b></li>
</ul>
 
<a name="202"></a><h3 class="h3">1.xix. Changes since 2.0.2</h3>
 
<ul>
<li>Fixed potential cross-site scripting vulnerability with avatars - <b>Showscout</b></li>
<li>Fixed potential SQL rewrite issue in page header - <b>missing contrib</b></li>
<li>Fixed potential CSS/HTML rewrite on viewing in login - <b>Marc Rees</b></li>
<li>Fixed (hopefully) issue with MS Access and multiple pages</li>
</ul>
 
<a name="201"></a><h3 class="h3">1.xx. Changes since 2.0.1</h3>
 
<ul>
<li>Fixed missing "username" lang variable in user admin template</li>
<li>Session work around for users behind rotating IPs - <b>vHiker</b></li>
<li>Fixed potential session user_id re-write - <b>Ashe</b></li>
<li>Fixed potential cross-browser scripting issue with BBCode URLs</li>
<li>Fixed potential gallery avatar exploit - <b>Ashe</b></li>
<li>Fix sorting of smileys on each function call - <b>Ashe/psoTFX</b></li>
<li>Clear topic_mod text output in viewtopic - <b>Lars</b></li>
<li>Fix regex for avatar remote urls</li>
<li>Fix non-updating of user post counts when deleting whole topics</li>
<li>Increase time limit when sending topic reply notifications</li>
<li>Set default forum when splitting topics</li>
<li>Fix non-deletion of uploaded avatars when switching to gallery</li>
<li>Removed various closing newlines from included files</li>
<li>Add MAX_ROWS to HEAP table alter in install/upgrade - <b>Ashe</b></li>
<li>Update username maxlength for subSilver templates</li>
<li>Allow <b>(</b> and <b>)</b> in BBCode [url] tags</li>
<li>Fix non-quoting of <b>#</b> in username validation regexs</li>
<li>Fix overlooked global var in private messaging</li>
<li>Possible fix for \r\n email templates issues</li>
<li>Fix missing str_replace for category title forum admin SQL</li>
<li>Fix trailing <b>,</b> when sending emails via smtp</li>
<li>Fix avatar issues in user admin</li>
<li>Fix improper checking of email address ban in sessions</li>
<li>Fix use of hard coded language strings in forum admin</li>
<li>Fix missing closing <b>)</b> in smilies admin</li>
<li>Fix missing Username label in user admin</li>
<li>Fix upgrade.php bug where conversion would not complete (and updated other scripts to match the changes)</li>
<li>Fix problem with redirect and login.php</li>
<li>Fix typo that could cause problems with sorting in the memberlist</li>
<li>Fix emailer to allow sending emails with language-specific character sets</li>
</ul>
 
<a name="200"></a><h3 class="h3">1.xxi. Changes since 2.0.0</h3>
 
<ul>
<li>Fixed delete image bug for normal users</li>
<li>Fixed group control panel image links</li>
<li>Fixed missing L_POST variable in group control panel</li>
<li>Fixed missing user id when redirecting to email form after login</li>
<li>Fixed (a)ppend_sid function name error in group control panel</li>
<li>Fixed reset of post type when previewing a post</li>
<li>Fixed mass emailer include path error</li>
<li>Fixed potential SQL exploit</li>
<li>Fixed several minor subSilver issues</li>
<li>Fixed [quote] breaking HTML problem</li>
<li>Fixed problem with unclosed nested quotes</li>
<li>Fixed bad handling of automagic links at end of quotes</li>
<li>Fixed potential BBCode and avatar remote exploit</li>
<li>Altered email validation check to allow + in username as per RFC</li>
<li>Fixed incorrect behaviour with wildcards in disallowed usernames</li>
<li>Added missing append_sid for search view results as posts</li>
<li>Fixed incorrect clearing of current sessions for logged in users</li>
<li>Fixed user_timezone (cannot update user profile) problem</li>
<li>Added correct setting of moderator status for users during upgrade</li>
<li>Fixed handling of uploaded avatars if gallery avatar currently used</li>
<li>Fixed use of existing username for uploaded avatars</li>
<li>Fixed updating of topic reply stats when post is deleted</li>
<li>Fixed irrelevant error message when activating already active account</li>
<li>Fixed gzip compression problems with Netscape and some PHP versions</li>
<li>Fixed MS Access layer errors when using latest PHP versions</li>
<li>Fixed styles admin editing problems with MSSQL Server</li>
<li>Fixed logout issue when cancelling certain actions</li>
<li>Fixed missing text in certain admin links</li>
<li>Fixed opening of frame within frame when logging into admin</li>
<li>Fixed incorrect ordering of search results by time</li>
<li>Fixed fulltext searching failure with MS Access</li>
<li>Hopefully fixed fulltext search with non-latin single byte charsets</li>
<li>Enabled work-around support for some multi-byte charsets - <b>OOHOO</b></li>
<li>Re-enabled search indexing of all-numeric character sequences</li>
<li>Updated email banning to properly implement wildcards</li>
<li>Fixed missing extension in links from groupcp</li>
<li>Fixed lack of re-validation when changing email address</li>
<li>Added additional IP check when using HTTP_X_FORWARDED_FOR</li>
<li>Fixed non-display of delete icon when on second or greater topic page</li>
<li>Fixed problems with users/groups assigned multiple permissions</li>
<li>Fixed problem with - and + in search words - <b>Matthijs</b></li>
<li>Fixed improper handling for deletion of words from search table</li>
<li>Fixed support for <b>,</b> in automagic URLs as per RFC</li>
<li>Fixed circular reference SQL errors when deleting posts under MS Access</li>
<li>Fixed nested [code] problems</li>
<li>Added charset encoding headers for emails - <b>romutis</b></li>
<li>Fixed "Copy to self" emails to use correct language</li>
<li>Fixed pagination error when limiting previous days for viewforum</li>
<li>Decreased minimum search word size to 3 chars</li>
<li>Fixed deletion of one or more options from all polls when editing just one</li>
<li>Fixed checking of group memberships when promoting/demoting group moderators</li>
<li>Added database closure to admin frameset page</li>
</ul>
 
<a name="final"></a><h3 class="h3">1.xxii. Changes since RC-4</h3>
 
<ul>
<li>Fixed improper report of general error when posting messages containing errors</li>
<li>Fixed post text being doubled up if it contained one or more &lt; without closing &gt;</li>
<li>Fixed pruning errors due to search function name change</li>
<li>Hopefully fixed various issues which led to incorrect reply and excess page counts</li>
<li>Fixed groupcp not displaying all email buttons to group moderator or admin</li>
<li>Fixed failure to display error notice when uploading oversized avatars</li>
<li>Hopefully corrected problem with viewonline displaying too few/many users online</li>
<li>Partially addressed issue with activation URLs >76 chars</li>
<li>Fixed additional search facilities failing to work or working incorrectly</li>
<li>Fixed search syntax highlighting</li>
<li>Addressed various webservers handling of page redirects</li>
<li>Fixed word censor not replacing first or last words</li>
<li>Fixed avatar height and width check for locally uploaded images</li>
<li>Hopefully fixed cache control header</li>
<li>Added check for PM box size limit of 0 to prevent div0 error</li>
<li>Fixed failure to fully delete PMs in outbox</li>
<li>Fixed display problem with polls</li>
<li>Fixed problem with guest username not being displayed for topic results in search</li>
<li>Fixed problem with quotes in various profile fields</li>
<li>Fixed schema problem with user_timezone</li>
<li>Fixed page display issue with MS Access</li>
<li>Fixed user level issue when altering user from user to admin and vice versa</li>
<li>Fixed incorrect parseing of some email templates</li>
<li>Reduced size of MS Access primer</li>
<li>Fixed various remaining usergroup display issues</li>
</ul>
 
<a name="rc4"></a><h3 class="h3">1.xxiii. Changes since RC-3</h3>
 
<ul>
<li>Addressed serious security issue with included files</li>
<li>Fixed non-use of database table prefix name during upgrade</li>
<li>Split functions and profile into separate modules</li>
<li>Fixed (hopefully) remaining issues with colourisation of moderator usernames</li>
<li>Updated install to include entry of additional, required, information</li>
<li>Fixed (hopefully) AOL incompatibilities</li>
<li>Fixed non-display of moderators in index/viewforum</li>
<li>Fixed group control panel 'no groups exist' problems</li>
<li>Fix HTTP_X_FORWARDED_FOR spoofing possibility</li>
<li>Fix ignoring of private range IP's in HTTP_X_FORWARDED_FOR</li>
<li>Enable multiple wildcard email banning, eg. *name*@somewhere.tld</li>
<li>Fix problems with posts being truncated if containing &lt; and &gt; characters</li>
<li>Prevent URL, BBCode and most smiley parseing in [code][/code]</li>
<li>Fix problems with use of certain reserved chars in word censor list</li>
<li>Fix default search useage to be as described (was doing AND by default)</li>
<li>Fix various avatar issues with profile, gallery and viewtopic</li>
<li>Enable safe mode support for uploading avatars</li>
<li>Fix broken modcp IP view issue</li>
<li>Fix potential session_id re-write vulnerability</li>
<li>Finish localisation of days and months (AM/PM are not and will not be localised in 2.0)</li>
<li>Remove link to external subSilver stylesheet from default subSilver templates</li>
<li>Handle TRANSACTIONS correctly in MySQL 3.x (by returning correct responses)</li>
<li>Fix checkbox resetting problem while previewing posts</li>
<li>Fix a login redirect issue</li>
<li>Remove some additional unused fields during upgrade</li>
<li>Fix (hopefully) remaining ICQ overlay issue with view profile in subSilver</li>
</ul>
 
<a name="rc3"></a><h3 class="h3">1.xxiv. Changes since RC-2</h3>
 
<ul>
<li>Fixed infamous install parse error</li>
<li>Major update of posting and related search functions (fixing various issues and increasing speed)</li>
<li>Fixed display of author and last poster names when both are different guest users</li>
<li>Fixed upgrade stall issues (hopefully!) and improved output</li>
<li>Fixed highlighting code for viewtopic and search</li>
<li>Reduced size of several files and functions</li>
<li>Moved localised images to sub-directories</li>
<li>Improved user feedback of disallowed usernames</li>
<li>Fixed various MSSQL bugs</li>
<li>Fixed installation of MSSQL/MSSQL-ODBC</li>
<li>Fixed security issue with upgrade.php</li>
<li>Finished implemention of various additional features</li>
<li>Fixed various user, group and forum permissions problems</li>
<li>Fixed issues with BBCode [ and ] (hopefully!)</li>
<li>Fixed autologin problems with MS IIS</li>
<li>Hopefully fixed problems with URIs in emails on some server configs</li>
<li>Fixed 'blank' profile and DB utilities problems on submit</li>
<li>Fixed incorrect language being used in email subjects</li>
<li>Fixed issues with incorrect private message new/unread counts</li>
<li>Fixed various PostgreSQL related errors</li>
<li>Automatically forward users to login screen in more situations</li>
<li>AEnabled (coloured) online indication of moderators and admins</li>
<li>Enabled maximum online user count</li>
<li>Altered online user count to ignore duplicate IPs (will now underestimate rather than overestimate)</li>
<li>Enabled viewing of users browsing each forum</li>
<li>Fixed (hopefully) display of overlayed ICQ icon in Netscape using subSilver</li>
<li>Fixed display of guest usernames for last post and author</li>
<li>Hidden usergroups are now completely hidden from view</li>
</ul>
 
<a name="rc2"></a><h3 class="h3">1.xxv. Changes since RC-1</h3>
 
<ul>
<li>Fixed numerous PostgreSQL related issues</li>
<li>Significant updates and additions to the upgrade script</li>
<li>Various (missed) hard coded language strings fixed</li>
<li>Fixed viewforum error when no forum id specified</li>
<li>Fixed old constant name useage in search system</li>
<li>Fixed display of moved posts when viewing unanswered posts</li>
<li>Fixed failure of search for user and keyword when displaying as posts</li>
<li>Fixed PM popup notification</li>
<li>Fixed view more emoticon session page problem</li>
<li>Fixed view profile email links</li>
<li>Fixed display of websites in profile</li>
<li>Fixed backup database failure</li>
<li>Fixed MS Access schema error when posting topics</li>
<li>Fixed problem with hypenated/dotted DB names in MySQL 3.23.6+</li>
<li>Various other fixes and updates</li>
</ul>
 
<a name="rc1"></a><h3 class="h3">1.xxvi. Changes since RC-1 (pre)</h3>
 
<ul>
<li>Upgrade script completed for initial fully functional release</li>
<li>Sessions code updated</li>
<li>Mark read code updated and hopefully fixed</li>
<li>Significant changes to properly deal with \' for non-MySQL boards</li>
<li>mssql, msaccess and mssql-odbc DB classes re-written</li>
<li>Avatar issues addressed and fixed</li>
<li>Search (INSERT) bug using MySQL fixed</li>
<li>Search highlighting issues addressed</li>
<li>Search own/other users posts fixed</li>
<li>BBCode fixes for magic URIs and other issues</li>
<li>Template updates for subSilver</li>
<li>User and group permissions problems fixed</li>
<li>Forum management problems (deletion of forum causing category not to display) fixed</li>
<li>Pagination problem with groupcp fixed</li>
<li>Backslash issues with posting and profile fixed</li>
<li>Backslash issues with emails fixed</li>
<li>preg_quote problems fixed</li>
<li>User management updated with full avatar control and missing fields</li>
<li>Private messaging box limits fixed</li>
<li>Private messaging ?folder= strangeness fixed</li>
<li>Forum pruning code updated to cope with search system</li>
<li>Emoticon system in posting updated</li>
<li>BBCode FAQ link added to posting form</li>
<li>Language file updates to address concerns of translators</li>
<li>Various other bug fixes and updates</li>
</ul>
 
<p>Note that a full list of fixed bugs can be found at the bug tracker (see section on bug reporting <a href="README.html#bugs">here</a>)</p>
 
<a name="disclaimer"></a><h2 class="h2"><u>2. Copyright and disclaimer</u></h2>
 
<p>This application is opensource software released under the <a href="http://www.gnu.org/licenses/gpl.html" target="_new">GPL</a>. Please see source code and the Docs directory for more details. This package and its contents are Copyright © 2002 <a href="http://www.phpbb.com/" target="_new">phpBB Group</a>, All Rights Reserved.</p>
 
<!-- END DOCUMENT -->
</td>
</tr>
</table></td>
</tr>
</table>
 
</body>
</html>
/Forum/docs/COPYING
0,0 → 1,281
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
 
Copyright (C) 1989, 1991 Free Software Foundation, Inc.
675 Mass Ave, Cambridge, MA 02139, USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
 
Preamble
 
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Library General Public License instead.) You can apply it to
your programs, too.
 
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
 
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
 
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
 
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
 
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
 
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
 
The precise terms and conditions for copying, distribution and
modification follow.
 
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
 
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
 
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
 
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
 
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
 
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
 
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
 
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
 
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
 
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
 
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
 
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
 
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
 
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
 
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
 
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
 
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
 
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
 
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
 
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
 
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
 
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
 
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
 
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
 
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
 
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
 
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
 
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
 
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
 
NO WARRANTY
 
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
 
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
 
END OF TERMS AND CONDITIONS
 
/Forum/docs/FAQ.html
0,0 → 1,208
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html">
<meta http-equiv="Content-Style-Type" content="text/css">
<title>phpBB 2.0.x :: FAQ</title>
<link rel="stylesheet" href="../templates/subSilver/subSilver.css" type="text/css" />
<style type="text/css">
<!--
p,ul,td {font-size:10pt;}
h2 {font-size:15pt;font-weight:bold;}
h3 {font-size:12pt;}
//-->
</style>
</head>
<body bgcolor="#E5E5E5" text="#000000" link="#006699" vlink="#006699">
 
<table width="100%" border="0" cellspacing="0" cellpadding="10" align="center">
<tr>
<td class="bodyline"><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td>
 
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><img src="../templates/subSilver/images/logo_phpBB.gif" border="0" alt="phpBB 2 : Creating Communities" vspace="1" /></a></td>
<td align="center" width="100%" valign="middle"><span class="maintitle">phpBB 2.0.x FAQ</span></td>
</tr>
</table>
 
<!-- BEGIN DOCUMENT -->
<p>This is a very basic Frequently Asked Questions (FAQ) page which attempts to answer some of the more commonly asked questions. It is by no means exhaustive and should be used in combination with the 'built-in' User FAQ within phpBB2, the community forums (particularly the Tutorials forum) and our IRC channel (see <a href="README.html">README</a> for details).</p>
 
<ol>
 
<li><b>I cannot install this it is too difficult! Will you do it?</b></li>
 
<p>Simple answer, no we will not. We are not being difficult when we say this we are actually trying to help you. phpBB has a reputation for being easy to install, that reputation is we believe well deserved. It is a simple process of unarchiving a single file, uploading the resulting directory/files to their intended location and entering some data in a web based form. The sequence of events, what to type where, etc. is covered in detail in the accompanying <a href="INSTALL.html">INSTALL.html</a> documentation. If you cannot install phpBB 2.0.x the chances are you will be unable to administer or update it.</p>
 
<p>There are people, companies (unrelated to your hosting provider), etc. that will install your forum, either for free or for a payment. We do not recommend you make use of these offers. Unless the service is provided by your hosting company you will have to divulge passwords and other sensitive details. If you did not know how to use an ATM would you give a passer-by your bank card and PIN and ask them to show you what to do? No, probably not! The same applies to your hosting account details!</p>
 
<p>We think a better solution is for you to carefully read the enclosed documentation, read our tutorials forum at www.phpbb.com and if necessary ask for help on any thing you get stuck on. However, the decision is yours but please note we may not offer support if we believe you have had the board installed by a third party. In such cases you should direct your questions to that company or person/s.</p>
 
<li><b>How do I install this board on Lycos/coolfreepages/other free host?</b></li>
 
<p>The old addage "You get what you pay for" is particularly true for hosting services! However if you must use a free service (and recognise its limitations) you will find details on common pitfalls in our tutorials forum at <a href="http://www.phpbb.com/phpBB/">http://www.phpbb.com/phpBB/</a>.</p>
 
<li><b>I am having problems with the admin at a certain board, help!</b></li>
<li><b>A board has ripped off my graphics/software/etc., stop them!</b></li>
<li><b>A board is dealing in warez/porn/etc., you need to prevent them doing this!</b></li>
 
<p>We provide the software, we have absolutely nothing to do with any board that runs it (beyond phpbb.com of course!). The GPL grants the user an unlimited right of use subject to their adherence of that licence. Therefore we cannot prevent, dictate, control or otherwise limit the use of phpBB 2 software. So please do not contact us for such matters.</p>
 
<p>If you have a problem with a given board please take it up with them, not us. We are not and cannot be held legally responsible for any third party use of this software (much like Microsoft et al cannot be held responsible for the use of Windows in illegal activities, etc.). Additionally we do <b>not</b> track the use of phpBB software in any way. So please do not ask us for details on a "given" board we will not be able to help you. If any law firms or lawyers out there send us writs, Cease and Desist orders, etc. for third party website use of this software we reserve the right to charge for time wasted dealing with such issues ...</p>
 
<li><b>According to viewonline a user is doing/reading something they should not be able to!</b></li>
 
<p>No, they probably are not. phpBB uses sessions to keep track of users as they move between pages. The session information tells us who this user is. Therefore in order to determine what a user can do on a page we first need the session details. Once this data is available we can check whether the user is permitted to do whatever it is they are trying to do. This can result in it appearing as if a user is reading a topic in a forum they should not be able to access. Or perhaps viewing private messages when they are only guests, etc. In practice the user is not doing these things, they are viewing a "You are not permitted to do this" type message. The session data has simply been updated before we were able to determine what the user could or could not do.</p>
 
<p>Of course this only applies where permissions have been set correctly!</p>
 
<li><b>I keep getting Mail sending errors when I (or my users) post/send PM's/etc.!</b></li>
 
<p>This error will occur if phpBB cannot send mail. phpBB can send email two ways; using the PHP mail() function or directly via SMTP. Some hosting providers limit the mail() function to prevent its use in spamming, others may rename it or limit its functionality. In either case you may need to make use of SMTP. This requires that you have access to such a facility, e.g. your hosting provider may provide one (perhaps requiring specific written authorisation), etc. Note that if your provider requires authorisation we only support the simple AUTH method using plaintext username/password. We do not support secure sockets layer (SSL), POP3 send or any other method. Please see <a href="http://www.phpbb.com/phpBB/" target="_blank">http://www.phpbb.com/phpBB/</a> for additional help on this matter.</p>
 
<p>If you do require SMTP services please do not ask (on our forums or elsewhere) for someone to provide you with one. Open relays are now things of the past thanks to the unthinking spammers out there. Therefore you are unlikely to find someone willing to offer you (free) services.</p>
 
<li><b>My users are complaining that emails are not in their selected language!</b></li>
 
<p>You must have deleted a language pack or the language pack is incomplete. phpBB will try to send emails in the users selected language. If it cannot find a suitable email template it will switch to the boards default language.</p>
 
<li><b>The first four letters of my text disappeared when I hit submit!</b></li>
 
<p>Some forms in phpBB make use of arrays to "post" or submit data, e.g. polls, forum management, etc. A bug exists in PHP 4.2.3 (and perhaps older versions) which can cause such data to lose the first four characters of text. This bug is related to the presence of the mbstring module and certain compile time parameters (the problem exists for both compiled in and modular version of mbstring). Please see: <a href="http://bugs.php.net/bug.php?id=19460" target="_blank">http://bugs.php.net/bug.php?id=19460</a> for more details. Note the bug is fixed in PHP CVS and thus future versions should be immune. Remember, this is <b>not</b> a bug in phpBB 2.</p>
 
<li><b>My AOL based users keep getting logged out!</b></li>
 
<p>phpBB2 uses sessions to keep track of users as they browse the board. These sessions use a combination of a unique session id and the users IP to identify each user. We make use of the IP as an extra safe-guard to help prevent sessions being hijacked (by discovering the unique session id).</p>
 
<p>Unfortunately this only works when the users IP is constant as they browse the board. For most users this will be the case. However certain providers route their users via a cluster of proxys. In some cases, particularly AOL this results in different IPs being forwarded as the user moves between pages. We take account of this by not checking the entire IP but only the first "three quads". Again in most cases this will be fine. However again AOL uses IPs which can vary so much that checking only the first two quads results in a fairly static IP being available for session validation.</p>
 
<p>If you are experiencing problems related to this you can make a small change to the code. Please note that reducing the IP validation length does potentially increase the risk of sessions being hijacked (this is something for you to consider, phpBB Group takes no responsibility should anything happen!). The change requires you to open the file sessions.php in the includes/ directory of the distribution. Find line 250, it contains the following <pre>$ip_check_s = substr($userdata['session_ip'], 0, 6);</pre>change this to: <pre>$ip_check_s = substr($userdata['session_ip'], 0, <b>4</b>);</pre>You need to make exactly the same change to the number 6 in the next line. Save the file (and upload it if required). This should reduce or eliminate the problem noted.</p></li>
 
<li><b>I selected X for my timezone but the time is not correct!</b></li>
 
<p>I suspect the time is correct but that you may have switched (locally) to daylight savings time. At present we do not support daylight savings only standard local times. Therefore during summer months (depending on whether your nation/state switches to daylight savings) the board times may appear to be <b>one hour</b> behind the <i>real</i> local time. The solution is to either put up with it (just let your users know) or to move the timezone of everyone who is affected (remember that not all your users may be from nations who have switched to daylight savings) on one hour, eg. GMT becomes GMT+1. This requires running some SQL and you should search our forums for information.</p>
 
<p>If this is not the case then I suspect your servers time is at fault. phpBB 2 stores all times in the form of a unix timestamp. This is a 32bit integer value containing the number of seconds since the unix epoch event, 1st January 1970 00:00:00 GMT. This value is global in nature and will be the same wherever you are in the world. So, if your time is incorrect and you have selected the appropriate timezone chances are your server time is off.</p></li>
 
<li><b>I am seeing &amp;#nnnn; sequences output instead of what I typed!</b></li>
 
<p>To enable compliance with HTML and XHTML specifications as well as enabling browsers to automatically support a users selected language we enable a <i>charset</i> tag to be output to the browser. This identifies the primary character set the user has selected, eg. iso-8859-1 for Western European languages (English, German, French, etc.), windows-1251 for Cyrillic alphabets (Russian, Bulgarian, etc.) and so on. The downside to doing this is that most modern browsers (such as Internet Explorer) convert any character not present in that character set into what are termed <i>Numerical Character References</i> or NCR's. These take the form of &amp;#nnnn; where nnnn is the hexadecimal number of that characters UNICODE reference.</p>
 
<p>Unfortunately PHP (which effectively supports only iso-8859-1 at this time) does not appear to attempt to process this data back into normal characters. Therefore phpBB treats them as text the user has entered and wishes to <i>see</i>. phpBB enables this by turning the &amp; into &amp;amp;. This results in the characters appearing as they do. Although we could ignore &amp;#nnnn; (there are pro's and of course con's to doing so) at present we don't.</p>
 
<p>If you are finding this to be problem the solution is to remove the <pre>charset={S_CONTENT_ENCODING}</pre> text from <b>all</b> the _header.tpl template files in all templates. The downside to this is a users browser will not automatically switch its charset to that selected by the user (however this is unlikely to be a big problem since users typically run their browser by default in the language they wish to use). Alternatively you can modify the $lang['ENCODING'] entry in the appropriate language file. Until PHP (and all browsers!) trully support UNICODE these problems will persist across all boards.</p></li>
 
<li><b>I cannot search for certain words!</b>
 
<p>phpBB 2 uses a Fulltext search system, this has both advantages and disadvantages. The advantage is that on large or busy forums it has far less impact on server load than <i>standard</i> search methods as used by many alternative forums (including phpBB 1.x). The disadvantage is that to reduce the size of the database (every post is examined and unique words stored in a table) we have to limit the size and type of words we store. By default words must contain at least three characters but no more than 25, they must be either alpha or combinations of alpha and numerals (numbers alone are not stored). In addition all non-alphanumeric characters are removed, eg. _, +, -, etc. This is standard practice for fulltext search solutions.</p>
 
<p>A further downside is that non-latin alphabets, eg. Cyrillic, Greek, etc. require proper locale support to be compiled in and available on the server your board is running on. If this is not the case it is quite likely that words will not be properly indexed for storage. In many cases this can be recified by altering the setlocale(LC_ALL, '[LOCALE_HERE]'); statement in the appropriate language file. If you are experiencing problems you should change whatever is currently in place of [LOCALE_HERE] with the locale as available on your server. If you do not know this please ask your hosting provider. Some examples may be ru_RU.WIN_CP_1251 for the codepage used for the Russian translation, ko.KOI8 for Korean, etc.</p>
 
<p>Please note that support for multibyte character sets remains very limited in PHP4 and therefore Japanese, Chinese, etc. may have difficulty getting the fulltext search working correctly at all.</p>
 
<li><b>My screen is filled with errors when I try to view the forum!</b>
 
<p>Are they errors? Are you sure they are not warnings? They probably are ... What you're seeing is PHP warn you about unset variables. Great care has been taken with phpBB 2.0 to ensure it is secure. Unset variables while being a potential security risk really shouldn't be in 2.0. Unfortunately some hosting providers have decided that any unset variables equal security problems and force PHP to output these warnings even though phpBB 2.0 is set to ignore them.</p>
 
<p>We have worked some way toward checking and/or setting all variables before use but this will take time to complete (if it can be). Therefore I am afraid for the time being you will have to manually modify the code or ask your hosting provider to be more realistic with their setup.</p></li>
 
<li><b>How do I use the avatar settings?</b>
 
<p>There are three types of avatar; upload, remote and local.</p>
<p><ul>
<li>Upload types require you to create a directory (the default is images/avatars) and to set this to public read/write (ie. chmod a+rw), users can then upload avatars (subject to width, height and size limits definable by you).</li>
<li>Remote avatars allow the user to supply a URI pointing to an image available on the internet, <b>PLEASE NOTE</b> that size limits do not apply to remote avatars!</li>
<li>Local avatars allow you to upload your own avatars to a set directory, users can then pick from this avatar gallery. The default location for this is images/avatars/gallery. PLEASE NOTE that avatars are categorised according to sub-folders in this location! ie. you <b>MUST</b> place your avatars in subdirectories, eg. images/avatars/gallery/cartoons, images/avatars/gallery/real-life, etc.</li>
</ul></p></li>
 
<li><b>No matter what I set the uploadable avatars to I cannot upload one from my computer!</b>
 
<p>There are two possibilities here, the first is you have not created the directory you specified as the storage location for avatars, ie. as specified in the Admin->General Configuration->Avatars section. If the directory does not exist uploadeable avatars are automatically disabled. You should create the required directory (ensuring it has global write access or other appropriate permissions to allow the webserver to write files to it).</p>
 
<p>The second possibility is that your provider has disabled file_upload support, possibly because of a recently found serious security issue with PHP before version 4.1.2. You should contact your provider and ask them if this is the case. It may be unrelated to the security issue and your provider has simply decided to disable such things in general. In either case I'm afraid there is not a lot you can do, there are still three other avatar settings left to choose from including uploading via a URL which will work fine</p></li>
 
<li><b>I just cannot get gallery avatars to appear!</b>
 
<p>Chances are you have not followed our instructions above. phpBB 2 categorises gallery avatars and it does this by reading through folders contained in the location you specified as being the gallery path. For example, if you set the gallery path to "images/avatars/gallery" phpBB 2 will expect to find a series of folders within that path, eg. "images/avatars/gallery/moviestars", "images/avatars/gallery/cartoons", "images/avatars/gallery/misc", etc. Placing images directly in "images/avatars/gallery/" will result in nothing being listed in your gallery.</p></li>
 
<li><b>How do I set forum permissions?</b>
 
<p>You set forum permissions from the administration control panel -> Forums -> Permissions. This system has two modes of operation; Simple and Advanced. Simple uses a set of pre-defined authorisation levels, these set each type of authorisation setting to a specific level. Advanced settings allow you to specify individual levels for each operation in each forum. Experiment!</p></li>
 
<li><b>How do I set user and group permissions?</b>
 
<p>These are set from Admin -> Users (Groups) -> Permissions. The system may appear strange but it's very powerful. When you look up a user or group it will give you basic information (at the top of the page) followed by the available forum listing and current settings for this user. You can assign moderator status to users and groups and if you have PRIVATE forums (or forums with any of their individual operations set to PRIVATE) you can also assign access.</p></li>
 
<li><b>How do I set a user (group) as moderator?</b>
 
<p>See above</p></li>
 
<li><b>Why are there no entries in the user (group) permission "Allow Access" column?</b>
 
<p>You can only allow (or deny) users access to PRIVATE forums, or forums which have one or more operations set to PRIVATE</p></li>
 
<li><b>How come I cannot set "Vote" to ALL?</b></li>
 
<p>phpBB does not by default allow guest voting. This was done to prevent guest users (who cannot be reliably tracked) from voting time and time again in the same poll. There is a Mod available if you really need this feature, please see our Mod forums at <a href="http://www.phpbb.com/phpBB/">http://www.phpbb.com/phpBB/</a>.</p>
 
<li><b>I (or my users) cannot stay logged in to the forum!</b>
 
<p>If you (or your users) are, after attempting a login, being returned to the index (or other page) without appearing to be logged in the most likely problem is incorrect cookie settings. phpBB 2 uses cookies to store a session id and a small amount of user data. For this data to be stored correctly the cookie domain, path and secure settings must be correct. You can check this in Admin->General Configuration->Cookie settings. Typically the cookie domain can be left blank and the cookie path set to / (a single forward slash). Do <b>not</b> set the cookie as being secure unless your board is running over a secure sockets layer connection, ie. https://</p>
 
<p>If you still have problems try setting the cookie domain to your full domain name, eg. www.mysystem.tld, www.something.mydomain.tld. You <b>must</b> ensure the domain name contains at least two dots or browsers will be unlikely to recognise the cookie, eg. .mydomain.com, mydomain.com. Do <b>not</b> add http:// or anything else to the domain name!</p></li>
 
<li><b>My users are complaining about being logged out too quickly!</b>
 
<p>You can increase the default length of sessions (ie. how long before a users session is considered 'dead') in Admin->General->Configuration->Cookie Settings->Session Length. Set it to whatever value your users feel comfortable with, remember that security issues may affect your decision (ie. having too long a session may allow non-users to abuse your board should a user forget to logout or otherwise leave a current session on a public workstation).</p></li>
 
<li><b>I am having problems with HTML!</b>
 
<p>If you want to allow your users to make use of HTML in posts you need to do two things. Firstly enable HTML in Admin -> General -> Configuration. Secondly to need to make sure that the tags your users will post are in the Allowed HTML Tags field (again Admin -> General -> Configuration). If users post using tags not on this list they won't be displayed as HTML! eg. to enable someone to post Flash you could add the embed tag to this field. Be careful which tags you allow, it is very easy to break the boards own output if the wrong tags are used in posts. </p></p></li>
 
<li><b>Can I suggest a feature for phpBB 3.0?</b>
 
<p>No, the feature list for phpBB 3.0 is now frozen and no new features will be added to that list. At the moment we do not accept new feature requests.</p>
<!--
You may however add requests for the next release after that, 3.2, in our feature tracker:</p>
 
<p><a href="http://sourceforge.net/tracker/?atid=580201&group_id=7885&func=browse" target="_new">http://sourceforge.net/tracker/?atid=580201&group_id=7885&func=browse</a></p>
 
<p>Before submitting your idea please <b>ensure</b> you have read through the entries in that list. If your idea is similar to an existing one please feel free to add a comment to it. Please <b>do not</b> submit duplicate suggestions!</p>
 
<p>We make no promises to the inclusion of features but we will endeavour to introduce the most requested or most interesting ones.</p></li>
//-->
<p>If you wish to follow the progress of phpBB 3.0 you may like to visit our development forum to see how things are progressing:</p>
 
<p><a href="http://area51.phpbb.com/phpBB/" target="_new">http://area51.phpbb.com/phpBB/</a></p>
 
<p>Please note that this forum should <b>NOT</b> be used to obtain support for or ask questions about phpBB 2.0.x, the main community forums are the place for this. Any such posts will be locked and go unanswered.</p>
 
<li><b>Why is phpBB 1.x faster than phpBB 2.0?</b>
 
<p>The original phpBB 1.0 saw a very large decrease in page generation times from version 1.0/1.2 to 1.4. This was achieved by rewriting many of the SQL queries and splitting the database. These changes came about from work on phpBB 2.0. With phpBB 2.0 we have introduced numerous additional functions and features, not least of which is full templating (the separation of page design from code). This results in a slowdown from phpBB 1.4, we suspect though that the new features will outweigh the small difference in page generation times.</p></p></li>
 
 
<li><b>My question isn't answered here!</b>
 
Feel free to search our community forum for the information you require. <b>PLEASE DO NOT</b> post your question without having first used search, chances are someone has already asked and answered your question. You can find our board here:</p>
 
<p><a href="http://www.phpbb.com/phpBB/" target="_new">http://www.phpbb.com/phpBB/</a></p></li>
 
</ol>
 
<h2><u>Copyright and disclaimer</u></h2>
 
<p>This application is opensource software released under the <a href="http://www.gnu.org/licenses/gpl.html" target="_new">GPL</a>. Please see source code and the Docs directory for more details. This package and its contents are Copyright © 2002 <a href="http://www.phpbb.com/" target="_new">phpBB Group</a>, All Rights Reserved.</p>
<!-- END DOCUMENT -->
 
</td>
</tr>
</table></td>
</tr>
</table>
 
</body>
</html>
/Forum/docs/INSTALL.html
0,0 → 1,259
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html">
<meta http-equiv="Content-Style-Type" content="text/css">
<title>phpBB 2.0.x :: Install</title>
<link rel="stylesheet" href="../templates/subSilver/subSilver.css" type="text/css">
<style type="text/css">
<!--
p,ul,td {font-size:10pt;}
.h2 {font-size:15pt;font-weight:bold;color:red}
.h3 {font-size:12pt;color:blue}
//-->
</style>
</head>
<body bgcolor="#E5E5E5" text="#000000" link="#006699" vlink="#006699">
 
<table width="100%" border="0" cellspacing="0" cellpadding="10" align="center">
<tr>
<td class="bodyline"><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td>
 
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><img src="../templates/subSilver/images/logo_phpBB.gif" border="0" alt="phpBB 2 : Creating Communities" vspace="1" /></a></td>
<td align="center" width="100%" valign="middle"><span class="maintitle">phpBB 2.0.x INSTALL</span></td>
</tr>
</table>
 
<!-- BEGIN DOCUMENT -->
<p align="center"><b>Please read this document completely before proceeding with installation.</b></p>
 
<p>Please note these instructions are not fully comprehensive, a more thorough userguide will be available on the phpBB website in the near future. However, this document will walk you through the basics on installing the forum software.</p>
 
<p>A basic overview of running phpBB 2.0.x can be found in the accompanying <a href="README.html">README</a> documentation. Please ensure you read that document in addition to this! For more detailed information on using phpBB 2 you should read <a href="http://www.phpbb.com/support/guide/" target="_new">Userguide</a> now available online.</p>
 
<ol>
<li><a href="#quickinstall">Quick Install</a></li>
<li><a href="#require">Requirements</a></li>
<li><a href="#install">New Installations</a></li>
<ol type="i">
<li><a href="#fileext">Changing the file extension</a></li>
<li><a href="#phpBB1x">Replacing an old phpBB 1.x install</a></li>
<li><a href="#nonaccess">Installing on MySQL 3 and 4, PostgreSQL 7.x, MS SQL 7/2000 (inc. via ODBC)</a></li>
<li><a href="#access">Installing on MS Access 2000/XP</a></li>
<li><a href="#requireddata">Entering required data</a></li>
<li><a href="#completeinstall">Completing installation</a></li>
</ol>
<li><a href="#upgrade1.x">Upgrade from phpBB 1.4.x</a></li>
<li><a href="#upgradeb1">Upgrade from phpBB 2.0 beta-1</a></li>
<li><a href="#upgradeRC">Upgrade from previous Release Candidate versions of phpBB 2</a></li>
<ol type="i">
<li><a href="#langtempchanges">Changes in language pack format and templates</a></li>
</ol>
<li><a href="#upgradeSTABLE">Upgrade from stable releases of phpBB 2.0.x</a></li>
<ol>
<li><a href="#upgradeSTABLE_full">Full package</a></li>
<li><a href="#upgradeSTABLE_files">Changed files only</a></li>
<li><a href="#upgradeSTABLE_patch">Patch file</a></li>
<li><a href="#upgradeSTABLE_all">All package types</a></li>
</ol>
<li><a href="#postinstall">Important (security related) post-Install tasks for all installation methods</a></li>
<ol type="i">
<li><a href="#avatars">Uploadable avatars</a></li>
<li><a href="#safemode">Safe Mode</a></li>
<li><a href="#extras">Optional extras</a></li>
</ol>
<li><a href="#disclaimer">Disclaimer</a></li>
</ol>
 
<a name="quickinstall"></a><h2 class="h2"><u>1. Quick Install</u></h2>
 
<p>If you have basic knowledge of using FTP and are sure your hosting service or server will run phpBB 2 you can use these steps to quickly get started. For a more detailed explanation you should skip this and go to <a href="#require">section 2</a> below.</p>
 
<ol>
<li>Decompress the phpBB 2 archive to a local directory on your system.</li>
<li>Upload all the files contained in this archive (retaining the directory structure) to a web accessible directory on your server or hosting account.
<li>Change the permissions on config.php to be writeable by all (666 or -rw-rw-rw- within your FTP Client)</li>
<li>Using your web browser visit the location you placed phpBB 2 with the addition of install/install.php, e.g. http://www.mydomain.com/phpBB2/install/install.php, http://www.mydomain.com/forum/install/install.php etc.
<li>Fill out all the requested information and hit <i>Submit</i></li>
<li>Change the permissions on config.php to be writeable only by yourself (644 or -rw-r--r-- within your FTP Client)</li>
<li>Click the <i>Complete Installation</i> button or revisit the location you entered above.</li>
<li>phpBB 2 should now be available, please <b>MAKE SURE</b> you read at least <a href="#postinstall">Section 8</a> below for important, security related post-installation instructions.</li>
</ol>
 
<p>If you experienced problems or do not know how to proceed with any of the steps above please read the rest of this document.</p>
 
<a name="require"></a><h2 class="h2"><u>2. Requirements</u></h2>
 
<p>Installation of phpBB2 requires the following:</p>
<ul>
<li>A webserver or web hosting account running on any major Operating System</li>
<li>A SQL database system, <b>one of</b>:
<ul>
<li>MySQL (3.22 or higher)</li>
<li>PostgreSQL 7.0.3 or higher (preferably 7.1.x or 7.2.x)</li>
<li>MS SQL Server (7 or 2000) directly or via ODBC</li>
<li>MS Access (2000 or XP) via ODBC</li>
</ul>
</li>
<li>PHP (4.0.3 and above) with support for the database you intend to use above</li>
</ul>
 
<p>If your server or hosting account does not meet the requirements above I am afraid phpBB 2.0 is not for you.</p>
 
<a name="install"></a><h2 class="h2"><u>3. New Installations</u></h2>
 
<p>Installation of phpBB 2 will vary according to your server and database. If you have <i>shell access</i> to your account (via telnet or ssh for example) you may want to upload the entire phpBB 2 archive (in binary mode!) to a directory on your host and unarchive it there.</p>
 
<p>If you do not have shell access or do not wish to use it you will need to decompress the phpBB 2 archive to a local directory on your system using your favourite compression program, e.g. winzip, rar, zip, etc. From there you must FTP <b>ALL</b> the files it contains (being sure to retain the directory structure and filenames) to your host. Please ensure that the cases of filenames are retained, do <b>NOT</b> force filenames to all lower or upper case doing so will cause errors later.</p>
 
<p>All .php, .inc, .sql, .cfg and .htm files should be uploaded in <b>ASCII</b> mode, while all graphics should be uploaded in <b>BINARY</b> mode. If you are unfamiliar with what this means please refer to your FTP client documentation. In most cases this is all handled transparantly by your ftp client but if you encounter problems later you should be sure the files where uploaded correctly as described here.</p>
 
<p>phpBB2 comes supplied with English as its standard language. However a number of seperate packs for different languages are available. If you are not a native English speaker you may wish to install one or more of these packages before continuing. The installation process below will allow you to select a default language from those available (you can of course change this default at a later stage). For more details of language packs, where to obtain them and how to install them please see the <a href="README.html#i18n">README</a>.</p>
 
<p>Once all the files have been uploaded to your site you should point your browser at this location with the addition of install/install.php (please note that if you changed the extension from php, see <a href="#fileext">Section 3.i</a> below, you should alter install.php appropriately). For example if your domain name is <i>www.mydomain.tld</i> and you placed phpBB 2 in a directory /phpBB2 off your web root you would enter <i>http://www.mydomain.tld/phpBB2/install/install.php</i> into your browser. When you have done this you should see the phpBB 2 Installation screen appear.</p>
 
<a name="fileext"></a><h3 class="h3">3.i. Changing the file extension</h3>
 
<p>If the file extension used to execute PHP scripts on your server is <b>NOT</b> .php but for example .php3 or .phtml you should first rename <b>ALL</b> files ending in .php and change the value of $phpEx in <u>extension.inc</u>. In the vast majority of cases this step will be unncessary.</p>
 
<a name="phpBB1x"></a><h3 class="h3">3.ii. Replacing an old phpBB 1.x install</h3>
 
<p><b>NOTE</b>, you should <b>NOT</b> place phpBB 2 files into the same directory as any previous installation of phpBB 1.x! Create a new directory (or move your old phpBB 1.x out of the way), failure to do this will result in runtime errors.</p>
 
<a name="nonaccess"></a><h3 class="h3">3.iii. Installing on MySQL 3 and 4, PostgreSQL 7.x, MS SQL 7/2000 (inc. via ODBC)</h3>
 
<p><b>Before proceeding</b> with installation you should ensure you have a database available. Most good hosting accounts now come with at least one database as part of the basic package although it may need to be setup before first use. Ask your provider for details if you are unsure whether you do or not. If you are running your own server and are unsure how to create a database you should refer to your SQL servers documentation or website, e.g. <a href="http://www.mysql.com/doc/" target="_new">http://www.mysql.com/doc/</a>, <a href="http://www.postgresql.org/users-lounge/" target="_new">http://www.postgresql.org/users-lounge/</a>, etc.</p>
 
<p>If your database server is MySQL <b>PLEASE</b> ensure you select the appropriate version from the dropdown box. Do <b>NOT</b> select MySQL 4.x if you have MySQL 3.x (the most common type) installed, if in doubt select MySQL 3.x.</p>
 
<a name="access"></a><h3 class="h3">3.iv. Installing on MS Access 2000/XP</h3>
 
<p>Before you install phpBB 2 you need to create a <b>Data Source Name</b> or <b>DSN</b>. The exact way to do this will depend on your hosting provider, if you are unsure you should check with them before proceeding. In general though you should create a System DSN which points to the location where you have stored an unarchived copy of the ms_access_primer.mdb file (this is contained in the ms_access_primer.zip which can be found in <u>install/schemas/</u>). The name you give this DSN will be used during installation. Do not proceed until this step is complete!</p>
 
<p>Please note that MS Access support is not designed for busy boards. If you anticipate more than one or two users being online at any given time you should upgrade to a more robust server solution.</p>
 
<a name="requireddata"></a><h3 class="h3">3.v. Entering required data</h3>
 
<p>Once you have reached the installation page you need to fill out several fields. Be sure to select the right <u>database type</u>! If you do not have or do not know the <u>database name</u>, <u>database server</u>, etc. please check with your hosting provider. For <b>non-ODBC</b> databases the database server is typically localhost but this is <b>NOT</b> universal! If you are using an ODBC based database (such as MS Access or MSSQL via ODBC) you should enter the DSN here (see 2.iv.).</p>
 
<p>The <u>database prefix</u> allows you to enter a few characters, short name, etc. which all tables used by this installation will be prefixed with. The default (phpbb_) will usually be fine. However if you have more than one copy of phpBB 2 using the same database be sure to alter it or you will receive errors during installation.</p>
 
<p>The remaining information is personal to you and your site. You will need to enter a <u>username</u> and <u>password</u> for the initial administration account (more administrators can be created later). The <u>server name</u>, <u>server port</u> and <u>script path</u> are essential because all emails containing URLs will use these values. The installer will guess initial values, however they may not be correct so be sure to check them!</p>
 
<p>Remember that a domain (or server) name does <b>NOT</b> include http://! Enter just the domain name, eg. <i>www.mydomain.tld</i> and <b>NOT</b> <i>http://www.mydomain.tld/</i>. The server port can, in the great majority of cases be left as 80, this is the standard http port. However if your web server listens to a different port because for example port 80 is blocked then alter this appropriately. The script path is the relative path from your webroot where phpBB 2 is installed, e.g. if you install phpBB 2 into phpBB 2/ in your webroot then enter phpBB 2 (or /phpBB 2/) as the script path.</p>
 
<a name="completeinstall"></a><h3 class="h3">3.vi. Completing installation</h3>
 
<p>Once you have checked all the data press submit. The installation script will create and populate all the necessary tables. It will then attempt to write to the <u>config.php</u> file which will contain the basic configuration data used to run phpBB 2. If the installer cannot write <u>config.php</u> directly you will be given the option of either downloading the file or even FTPing it to the correct location. If you choose to download you should then re-upload the file to your server, overwriting the existing <u>config.php</u> in the process. If you attempt to FTP via the install script you should supply the requested information. Should FTP fail you will be able to download the file and then re-upload as described earlier.</p>
 
<p>During the installation procedure phpBB 2 will check to ensure the relevant PHP database module is available and will not proceed if it cannot be found. Should this happen be sure to check you have selected the correct database and/or ask your hosting provider for advice.</p>
 
<p><b>Do not</b> proceed untill the installation is completed and (if necessary) you have uploaded the <u>config.php</u> file.</p>
 
<a name="upgrade1.x"></a><h2 class="h2"><u>4. Upgrade from phpBB 1.4.x</u></h2>
 
<p>Before upgrading we heavily recommend you do a <u>full backup of your database</u>! If you are unsure how to achieve this please ask your hosting provider for advice. One you have backed up your database you should follow the basic instructions given for <a href="#install">New Installations</a> above. <b>However</b> instead of selecting <u>Install</u> as the <i>Installation Method</i> you should select <u>Upgrade</u>.</p>
 
<p>As with install the upgrade is automated. The config.php will be written automatically (if possible, else you will be able to download a copy as with New Installation above). Once the config.php is in place everything should proceed without error. Please note that this upgrading process may take quite some time and depending on your hosting provider this may result in it failing (due to web server or other timeout issues). If this is the case you should ask your provider if they are willing to allow the upgrade script to temporarily exceed their limits (be nice and they will probably be quite helpful).</p>
 
<p>Once completed your board should be immediately available. If you encountered errors you should restore your original database and report the problems to our bug tracker or seek help via our forums (see <a href="README.html">README</a> for details).</p>
 
<a name="upgradeb1"></a><h2 class="h2"><u>5. Upgrade from phpBB 2.0 beta-1</u></h2>
 
<p>Sorry but no direct upgrade is available from beta-1 (we did warn you!). If you are reasonably confident with the use of SQL, etc. you may be able to make the required changes to the database manually. You will need to examine the CVS check-ins to determine what needs changing where.</p>
 
<a name="upgradeRC"></a><h2 class="h2"><u>6. Upgrade from previous Release Candidate versions of phpBB 2</u></h2>
 
<p>Upgrading from these versions is generally quite easy. First you should make a copy of your existing <u>config.php</u>, keep it in a safe place! Next delete all the existing phpBB 2 files, do not leave any in place otherwise you may encounter errors later. You can leave alternative templates in-place but you should note they may not function correctly with the final release. It is therefore recommended you switch back to subSilver if you are currently using a different style. With this complete you can upload the new phpBB 2.0.0 files (see <a href="#install">New Installations</a> for details if necessary). Once complete copy back your saved <u>config.php</u>, replacing the new one.</p>
 
<p>You should now run <b>install/update_to_latest.php</b> which, depending on your previous version, will make a number of database changes. You may receive <u>FAILURES</u> during this procedure, they should not be a cause for concern unless you see an actual <u>ERROR</u>, in which case the script will stop (in this case you should seek help via our forums or bug tracker).</p>
 
<p><b>RC-2 and below MSSQL users</b>, please note that during the update procedure your existing forums table will be dropped and re-created. All data in standard fields will be retained. However if you have modified the forums table and added additional fields or altered existing ones these changes <b>WILL</b> be lost. If this is a significant issue for you we advise you comment out the "DROP FORUM TABLE" section in update_to_latest.php and instead, manually alter the forum_id column to remove the IDENTITY setting (if it exists).</p>
 
<p>Once the update_to_latest.php has completed you <b>MUST</b> proceed to the Administration General Configuration panel and check all the values in General Configuration. This is essential if you were running any version before RC-3 since extra information needs to be entered to enable correct URLs to be output in emails.</p>
 
<a name="langtempchanges"></a><h3 class="h3">6.i. Changes in language pack format and templates</h3>
 
<p>Please note that changes have been made to the format of language, image localisations and templates from previous RC's to FINAL. If you were running a release candidate prior to RC-3 you will <b>need</b> to download new language and image localisation packs. You can safely delete any existing <u>*_lang.gif</u> files in the subSilver/images directory since these are no longer utilised. If you are using or have installed any 3rd party template set you must either remove it or update it. Changes have been made to a number of template variables which will result in these not working unless they have been updated to meet phpBB 2.0.x standards.</p>
 
<a name="upgradeSTABLE"></a><h2 class="h2"><u>7. Upgrade from previous stable (released) versions of phpBB 2</u></h2>
 
<p>If you are currently using a stable release of phpBB 2 updating to this version is straightforward. You would have downloaded one of three packages and your choice determines what you need to do. <b>Please Note</b>: That before upgrading we heavily recommend you do a <u>full backup of your database and existing phpBB2 source files</u>! If you are unsure how to achieve this please ask your hosting provider for advice.</p>
 
<p><b>MySQL Users Please Note</b>: Changes introduced in 2.0.4 may increase the size of your database, more specifically the search_wordmatch table. There are other changes in that release which are designed to reduce the database size. However these additional changes may not apply to all types of forum (particularly non-English boards). While any increases will be relatively small compared to the overall database size it may be an issue for some users. In particular users on hosting plans which limit database size and where the database is near that limit.</p>
 
<p><b>Please make sure you update your phpBB2 source files too, even if you run the update_to_latest.php file.</b></p>
 
<a name="upgradeSTABLE_full"></a><h3 class="h3">7.i. Full package</h3>
 
<p>If you have downloaded the full package you should follow the same general upgrade path as for "<a href="#upgradeRC">Upgrade from previous Release Candidate versions of phpBB 2</a>". The exception to this being the need to switch or update styles. In addition there is generally little need to visit the admin panel (though it is adviseable).</p>
 
<a name="upgradeSTABLE_files"></a><h3 class="h3">7.ii. Changed files only</h3>
 
<p>This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have 2.0.20 you should select the phpBB-2.0.20_to_2.0.21.zip/tar.gz file.</p>
 
<p>The directory structure has been preserved enabling you (if you wish) to simply upload the contents of the archive to the appropriate location on your server, i.e. simply overwrite the existing files with the new versions. Do not forget that if you have installed any Mods these files will overwrite the originals possibly destroying them in the process. You will need to re-add Mods to any affected file before uploading.</p>
 
<p>As for the other upgrade procedures you should run <b>install/update_to_latest.php</b> after you have finished updating the files. This will update your database schema and increment the version number.</p>
 
<a name="upgradeSTABLE_patch"></a><h3 class="h3">7.iii. Patch file</h3>
 
<p>The patch file is probably the best solution for those with many Mods or other changes who do not want to re-add them back to all the changed files. To use this you will need command line access to a standard UNIX type <b>patch</b> application.</p>
 
<p>A number of patch files are provided to allow you to upgrade from previous stable releases. Select the correct patch, e.g. if your current version is 2.0.20 you need the phpBB-2.0.20_to_2.0.21.patch. Place the correct patch in the parent directory containing the phpBB 2 core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <b>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</b> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB2, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
 
<p>If you do get failures you should look at using the <a href="#upgradeSTABLE_files">Changed files only</a> package to replace the files which failed to patch, please note that you will need to manually re-add any Mods to these particular files. Alternatively if you know how you can examine the .rej files to determine what failed where and make manual adjustments to the relevant source.</p>
 
<p>You should of course delete the patch file (or files) after use. As for the other upgrade procedures you should run <b>install/update_to_latest.php</b> after you have finished updating the files. This will update your database schema and data (if appropriate) and increment the version number.</p>
 
<a name="upgradeSTABLE_all"></a><h3 class="h3">7.iv. All package types</h3>
 
<p>If you have non-English language packs installed you may want to see if a new version has been made available. A number of missing strings have been added which, though not essential, may be beneficial to users. Please note that at this time not all language packs have been updated so you should be prepared to periodically check for updates.</p>
 
<a name="postinstall"></a><h2 class="h2"><u>8. Important (security related) post-Install tasks for all installation methods</u></h2>
 
<p>Once you have succssfully installed phpBB 2.0.x you <b>MUST</b> ensure you remove the entire install/ and contrib/ directories. Leaving these in place is a <u>very serious potential security issue</u> which may lead to deletion or alteration of files, etc. Please note that until these directories are remove phpBB2 will not operate and a warning message will be displayed. Beyond these <b>essential</b> deletions you may also wish to delete the docs/ directories if you wish.</p>
 
<p>With these directories deleted you should proceed to the administration panel. Depending on how the installation completed you may have been directed there automatically. If not, login as the administrator you specified during install/upgrade and click the "<b>Administration Panel</b>" link at the bottom of any page. Ensure that details specified in General -> Configuration are correct!</p>
 
<a name="avatars"></a><h3 class="h3">8.i. Uploadable avatars</h3>
 
<p>phpBB 2 supports several methods for allowing users to select their own <i>avatar</i> (an avatar is a small image generally unique to a user and displayed just below their username in posts).</p>
 
<p>Two of these options allow users to upload an avatar from their machine or a remote location (via a URL). If you wish to enable this function you should first ensure the correct paths for uploadeable avatars is set in Admin -> General -> Configuration -> Avatars. By default this is <u>images/avatars</u> but you can set it to whatever you like, just ensure the configuration setting is updated. You must also ensure this directory can be written to by the webserver. Usually this means you have to alter its permissions to allow anyone to read and write to. Exactly how you should do this depends on your ftp client or server operating system.</p>
 
<p>On UNIX systems for example you set the directory to a+rwx (or ugo+rwx or even 777). This can be done from a command line on your server using chmod or via your FTP client (using the Change Permissions, chmod or other Permissions dialoge box, see your FTP clients documentation for help). Most FTP clients list permissions in the form of User (Read, Write, Execute), Group (Read, Write, Execute) and Other (Read, Write, Execute). You need to tick all of these boxes to set correct permissions.</p>
 
<p>On Windows system you need to ensure the directory is not write-protected and that it has global write permissions (see your servers documentation or contact your hosting provider if you are unsure on how to achieve this).</p>
 
<p>Please be aware that setting a directories permissions to global write access is a potential security issue. While it is unlikely that anything nasty will occur (such as all the avatars being deleted) there are always people out there out to cause trouble. Therefore you should monitor this directory and if possible make regular backups.</p>
 
<a name="safemode"></a><h3 class="h3">8.ii. Safe Mode</h3>
 
<p>phpBB 2.0.x includes support for using uploadable avatars on systems running PHP in safe mode. If this applies to your hosting service you will need to create a sub-directory called <u>tmp</u> in the directory you specified for storage of uploaded avatars (by default this is images/avatars as explained above). Give it the same access rights as for uploadable avatars above.</p>
 
<p>This safe mode support includes compatibility with various directory restrictions your host may impose (assuming they are not too restrictive and that the PHP installed is version 4.0.3 or later). There is generally no need for any manual setup for safe mode support it is typically handled transparantly.</p>
 
<a name="extras"></a><h3 class="h3">8.iii. Optional extras</h3>
 
<p>Included with this package are two extra (optional) files, you will find them in the <u>contrib/</u> directory. These extras, <i>template_file_cache.php</i> and <i>template_db_cache.php</i> address concerns over server load and page generation times on slower or heavily loaded systems. These updated template modules compile each template and uses this rather than compiling each file everytime it is viewed. Tests seem to indicate a noticeable decrease in page generation times and more importantly a significant decrease in overall server load in virtual hosting environments.</p>
 
<p>You should see the <a href="../contrib/README.html">README</a> contained within the contrib directory for more details.</p>
 
<a name="disclaimer"></a><h2 class="h2"><u>9. Copyright and disclaimer</u></h2>
 
<p>This application is opensource software released under the <a href="http://www.gnu.org/licenses/gpl.html" target="_new">GPL</a>. Please see source code and the Docs directory for more details. This package and its contents are Copyright © 2002 <a href="http://www.phpbb.com/" target="_new">phpBB Group</a>, All Rights Reserved.</p>
<!-- END DOCUMENT -->
 
</td>
</tr>
</table></td>
</tr>
</table>
 
</body>
</html>
/Forum/docs/README.html
0,0 → 1,224
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html">
<meta http-equiv="Content-Style-Type" content="text/css">
<title>phpBB 2.0.x :: Readme</title>
<link rel="stylesheet" href="../templates/subSilver/subSilver.css" type="text/css" />
<style type="text/css">
<!--
p,ul,td {font-size:10pt;}
.h2 {font-size:15pt;font-weight:bold;color:red}
.h3 {font-size:12pt;color:blue}
//-->
</style>
</head>
<body bgcolor="#E5E5E5" text="#000000" link="#006699" vlink="#006699">
 
<table width="100%" border="0" cellspacing="0" cellpadding="10" align="center">
<tr>
<td class="bodyline"><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td>
 
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><img src="../templates/subSilver/images/logo_phpBB.gif" border="0" alt="phpBB 2 : Creating Communities" vspace="1" /></a></td>
<td align="center" width="100%" valign="middle"><span class="maintitle">phpBB 2.0.x README</span></td>
</tr>
</table>
 
<!-- BEGIN DOCUMENT -->
<p>Thank you for downloading phpBB 2, the long awaited re-write of the popular phpBB 1.x online community forum. This README will guide through the basics of installation and operation of phpBB 2. Please ensure you read this and the accompanying documentation fully <b>before</b> proceeding with the installation.</p>
 
<ol>
<li><a href="#install">Installing phpBB 2</a></li>
<li><a href="#run">Running phpBB 2</a></li>
<ol type="i">
<li><a href="#i18n">Internationalisation (i18n)</a></li>
<li><a href="#styles">Styles</a></li>
<li><a href="#mods">Mods</a></li>
</ol>
<li><a href="#help">Getting help with phpBB 2</a></li>
<ol type="i">
<li><a href="#userguide">Userguide</a></li>
<li><a href="#website">Community Forums</a></li>
<li><a href="#irc">Internet Relay Chat</a></li>
</ol>
<li><a href="#status">Status of this version</a></li>
<li><a href="#bugs">Reporting Bugs</a></li>
<ol>
<li><a href="#securitybugs">Security related bugs</a></li>
</ol>
<li><a href="#curbugs">Overview of current bug list</a></li>
<li><a href="#php">PHP compatibility issues</a></li>
<ol type="i">
<li><a href="#phpsec">Notice on PHP security issues</a></li>
</ol>
<li><a href="#disclaimer">Disclaimer</a></li>
</ol>
 
<a name="install"></a><h2 class="h2"><u>1. Installing phpBB 2</u></h2>
 
<p>Installation and upgrade instructions can be found in the <a href="INSTALL.html">INSTALL</a> document contained in this distribution. If you are intending to upgrade from a previous phpBB 1.4.x installation we highly recommend you backup any existing data before proceeding!</p>
 
<p><b>Please note</b> that users of Release Candidate (RC) versions of phpBB 2 should run the update_to_latest.php script <b>BEFORE</b> attempting to access your board. Failing to do so may result in errors and unexpected behaviour! While these won't do any damage they will prevent you using your board.</p>
 
<p>If you are using RC-1 (pre) you may find some other DB changes have occured and should examine the schemas to see if your installation requires any modifications (note that most of these have already been discussed on the phpBB 2 forums and are handled by the update script). If you are uncomfortable doing any of this we recommend you re-install (you may backup your existing data if you wish, re-install phpBB 2 and then insert your backup).</p>
 
<p>Users of phpBB 2.0 Beta-1 cannot directly upgrade to phpBB 2.0 RC-2, 3 or 4, sorry.</p>
 
<a name="run"></a><h2 class="h2"><u>2. Running phpBB 2</u></h2>
 
<p>Once installed phpBB 2.0 is easily managed by both admin and moderator control panels. If you need help or advice with phpBB 2 please see <a href="#help">Section 3</a> below.</p>
 
<a name="i18n"></a><h3 class="h3">2.i. Internationalisation, i18n</h3>
 
<p>A number of language packs and subSilver localisations are now available. You can find them on our official download page:</p>
 
<p><a href="http://www.phpbb.com/downloads.php#lang" target="_new">http://www.phpbb.com/downloads.php</a></p>
 
<p>This is the <i>Official</i> location for all support language sets. If you download a package from a 3rd party site you do so with the understanding that we cannot offer support. So please, do not ask for help in these cases!</p>
 
<p>Installation of these packages is straightforward, simply download the required language pack and unarchive it into the languages/ folder. Please ensure you retain the directory structure when doing this! To install the subSilver image packs you should unarchive the file/s into the templates/subSilver/images directory, again you must retain the directory structure. Once installed the languages will become immediately available.</p>
 
<p>If your language is not available please visit our forums where you will find a topic listing translations currently available or in preparation. This topic also gives you information should you wish to volunteer to translate a language not currently listed</p>
 
<p><b>Please note</b> that users who have upgraded to the latest version from versions prior to RC-3 should will <b>need</b> to download new versions of the language/subSilver image packs. Any package downloaded prior to the availability of RC-3 will <b>not</b> function correctly with this version of phpBB 2.</p>
 
<p>If you have upgraded from 2.0.0 and make use of non-English language packs you will benefit from downloading updated versions which will become available shortly. These introduce a number of strings which went missing from the first version plus a few updates and additions.</p>
 
<a name="styles"></a><h3 class="h3">2.ii. Styles</h3>
 
<p>Although phpBB Group are rather proud of the subSilver style (which has influenced many of our competitors boards <i>updated</i> designs!) we realise that it may not be to everyones tastes. Therefore phpBB 2 allows styles to be switched with relative ease. Firstly you need to locate and download a style you like. We maintain such a site at</p>
 
<p><a href="http://www.phpbb.com/styles/" target="_new">http://www.phpbb.com/styles/</a></p>
 
<p><b>Please note</b> that 3rd party styles downloaded for versions of phpBB 2 prior to its final (2.0.x) release will <b>not</b> function correctly. You should either remove these styles or (if available) update them to meet changes in 2.0.x.</p>
 
<p>Once you have downloaded a style the usual next step is to unarchive (or upload the unarchived contents of) the package into your templates/ directory. You then need to visit Administration -> Styles -> Add, you should see the new style available, click add and it will become available for all your users.</p>
 
<a name="mods"></a><h3 class="h3">2.iii. Mods</h3>
 
<p>Although not officially supported by phpBB Group, phpBB 2 has a thriving mod (formerly known as <i>hacks</i>) scene. These third party modifications to the standard phpBB 2 extend its capabilities still further and can be found at:</p>
 
<p><a href="http://www.phpbb.com/mods" target="_new">http://www.phpbb.com/mods</a></p>
 
<p><b>Please remember</b> that any bugs or other issues that occur after you have added any modification should <b>NOT</b> be reported to the bug tracker (see below). First remove the modification and see if the problem is resolved.</p>
 
<p>Also remember that any modifications which modify the database in any way may render upgrading your forum to future versions more difficult unless we state otherwise. With all this said many users have and continue to utilise many of the mods already available with great success</p>
 
<a name="help"></a><h2 class="h2"><u>3. Getting help with phpBB 2</u></h2>
 
<p>phpBB 2 can seem a little daunting to new users in places, particularly with regard the permission system. The first thing you should do is check the <a href="FAQ.html">FAQ</a> which covers a few basic getting started questions. If you need additional help there are several places you should look.</p>
 
<a name="userguide"></a><h3 class="h3">3.i. phpBB 2 Userguide</h3>
 
<p>A comprehensive userguide is now available online and can be accessed from the following location:</p>
 
<p><a href="http://www.phpbb.com/support/guide/" target="_new">http://www.phpbb.com/support/guide/</a></p>
 
<p>This covers everything from installation through setting permissions and managing users.</p>
 
<a name="website"></a><h3 class="h3">3.ii. Community Forums</h3>
 
<p>phpBB Group maintains a thriving community where a number of people have generously decided to donate their time to help support users. This site can be found at:</p>
 
<p><a href="http://www.phpbb.com/" target="_new">http://www.phpbb.com/</a></p>
 
<p>If you do seek help via our forums please be sure to do a Search before posting. This may well save both you and us time and allow the developer, moderator and support groups to spend more time responding to people with unknown issues and problems. Please also remember that phpBB is an entirely volunteer effort, no one receives any compensation for the time they give, this includes moderators as well as developers. So please be respectful and mindful when awaiting responses.</p>
 
<a name="irc"></a><h3 class="h3">3.iii Internet Relay Chat</h3>
 
<p>Another place you may find help is our IRC channel. This operates on the Freenode IRC network, <b>irc.freenode.net</b> and the channel is <b>#phpbb</b> and can be accessed by any good IRC client such as mIRC, XChat, etc. Again, please do not abuse this service and be respectful of other users.</p>
 
<a name="status"></a><h2 class="h2"><u>4. Status of this version</u></h2>
 
<p>This is the second stable release of phpBB 2. The 2.0.x line is essentially feature frozen, point releases will see only bugs and such like fixed. Our next major release will be phpBB 3.0 and work is progressing on this (the unstable development version is 2.1). Please do not post questions asking when 3.0 will be available, no release date has been set. phpBB 3.0 is now feature frozen, please feel free to suggest new features for phpBB 3.2 using our feature request tracker. We do not guarantee that all these will appear in 3.2 but we will do our best!:</p>
 
<p><a href="http://sourceforge.net/tracker/?atid=580201&group_id=7885&func=browse" target="_new">http://sourceforge.net/tracker/?atid=580201&group_id=7885&func=browse</a></p>
 
<p>Before submitting your idea please <b>ensure</b> you have read through the entries in that list. If your idea is similar to an existing one please feel free to add a comment to it. Please <b>do not</b> submit duplicate suggestions!</p>
 
<p>For some suggestions we may ask for your feedback via our forums. For those interested in the development of phpBB 3.0 you should keep an eye on the community forums (particularly the Feature Discussion forum) where you may be able to influence the direction we take with certain new features. Finally you may like to visit our development forum to see how things are progressing:</p>
 
<p><a href="http://area51.phpbb.com/phpBB/" target="_new">http://area51.phpbb.com/phpBB/</a></p>
 
<p>Please note that this forum should <b>NOT</b> be used to obtain support for or ask questions about phpBB 2.0.x, the main community forums are the place for this. Any such posts will be locked and go unanswered.</p>
 
<a name="bugs"></a><h2 class="h2"><u>5. Reporting Bugs</u></h2>
 
<p>The phpBB Group uses a bug tracking system to store, list and manage all reported bugs, it can be found at the location listed below. Please <b>DO NOT</b> post bug reports to our forums, they will be locked. In addition please <b>DO NOT</b> use the bug tracker for support requests. Posting such a request will only see you directed to the support forums (while taking time away from working on real bugs).</p>
 
<p><a href="http://www.phpbb.com/bugs/" target="_new">http://www.phpbb.com/bugs/</a></p>
 
<p>While we very much appreciate receiving bug reports (the more reports the more stable phpBB 2 will be) we ask you carry out a few steps before adding new entries:</p>
<ul>
<li>Firstly determine if your bug is reproduceable, how to determine this depends on the bug in question. Only if the bug is reproduceable is it likely to be a problem with phpBB 2.0 (or in some way connected). If something cannot be reproduced it may turn out to have been your hosting provider working on something, a user doing something silly, etc. Bug reports for non-reproduceable events can slow down our attempts to fix real, reproduceable issues<br /><br /></li>
<li>Next please read or search through the existing bug reports (remember to check open <b>AND</b> closed reports!) to see if <i>your</i> bug (or one very similar to it) is already listed. If it is please add to that existing bug rather than creating a new duplicate entry (all this does is slow us down).<br /><br /></li>
<li>Check the forums (use search!) to see if people have discussed anything that sounds similar to what you are seeing. However, as noted above please <b>DO NOT</b> post your particular bug to the forum unless it's non-reproduceable or you are sure it's related to something you have done rather phpBB 2.0<br /><br /></li>
<li>If no existing bug exists then please feel free to add it</li>
</ul>
 
<p>If you do post a new bug (i.e. one that isn't already listed in the bug tracker) firstly make sure you have logged in (your username and password are the same as for the community forums) then please include the following details:</p>
<ul>
<li>Your server type/version, eg. Apache 1.2.22, IIS 4, Sambar, etc.</li>
<li>PHP version and mode of operation, eg. PHP 4.1.1 as a module, PHP 4.0.1 running as CGI, etc.</li>
<li>DB type/version, eg. MySQL 3.23.32, PostgreSQL 7.1.2, MSSQL Server 2000 SP1, etc.</li>
</ul>
 
<p>Please also be as detailed as you can in your report, if possible list the steps required to duplicate the problem. If you have a fix which you are <b>VERY SURE</b> works (and is consistent with our coding guidelines) and does not introduce further problems or incompatibilities please let us know. However only include it in the bug report if you really must, if we need it we'll ask you for it.</p>
 
<p>Once a bug has been submitted you will be emailed any follow up comments added to it. <b>Please</b> if you are requested to supply additional information, <b>do so</b>! It is <u>extremely frustrating</u> for us to receive bug reports, ask for additional information but get nothing. In these cases we have a policy of <u>closing the bug</u>, which may leave a very real problem in place. Obviously we would rather not have this situation arise.</p>
 
<a name="securitybugs"></a><h3 class="h3">5.i. Security related bugs</h3>
 
<p>If you find a potential security related vulnerability in phpBB 2 please <b>DO NOT</b> post it to the bug tracker, public forums, mailing lists, etc.! Doing so may allow unscrupulous users to take advantage of it before we have time to put a fix in place. All security related bugs should be sent to our security tracker:</p>
 
<p><a href="http://www.phpbb.com/security/" target="_new">http://www.phpbb.com/security/</a></p>
 
<a name="curbugs"></a><h2 class="h2"><u>6. Overview of current bug list</u></h2>
 
<p>This list is not complete (see above link for full list) but does represent those bugs which may effect users on a wider scale. Other bugs listed in the tracker have typically been shown to be limited to certain setups or methods of installation/upgrade.</p>
 
<ul>
<li>First four characters of some posted content disappears - this is an issue with PHP not phpBB</li>
<li>Cannot post very large messages when using PostgreSQL 7.0.x (limitation of Postgresql 7.0.x)</li>
<li>By default cannot post very large messages with MSSQL (this can be configured within MSSQL)</li>
<li>Use of non-latin charsets with MSSQL may result in post data being cropped unexpectedly</li>
<li>Upgrade may fail to complete on large boards under some hosts</li>
<li>Case-sensitivity on usernames and emails with PostgreSQL 7.x. A fix is provided by a user <a href="http://www.phpbb.com/kb/article.php?article_id=201" target="_new">within our knowledge base</a></li>
</ul>
 
<a name="php"></a><h2 class="h2"><u>7. PHP compatibility issues</u></h2>
 
<p>phpBB is no longer supported on PHP3 due to several compatibility issues and we recommend that you upgrade to the latest stable release of PHP4 to run phpBB.</p>
 
<p>Please remember that running any application on a developmental version of PHP can lead to strange/unexpected results which may appear to be bugs in the application (which may not be true). Therefore we recommend you upgrade to the newest stable version of PHP before running phpBB 2. If you are running a developmental version of PHP please check any bugs you find on a system running a stable release before submitting.</p>
 
<p>This board has been developed and tested under Linux and Windows (amongst others) running IIS and Apache using MySQL 3.23 and 4.0.0, MSSQL Server 2000, MS Access 2000 and XP and PostgreSQL 7.x. Versions of PHP used range from 4.0.6 to 4.3.8 without problem. There may be unconfirmed issues with PHP 4.0.1 including patch level releases. If you experience problems with phpBB and have this PHP version installed it is recommended you upgrade it before posting bug reports.</p>
 
<p>With the recent release of the official version of PHP 5, people and hosts may be switching to the latest PHP version. At this moment, the phpBB Team does not officially support running phpBB on PHP 5, as phpBB2.0.x was not written with PHP 5 in mind. However, many users have reported using it sucessfully on PHP 5 having made a configuration change in PHP to enable support for the deprecated HTTP_*_VARS arrays which is turned off by default in new PHP 5 installations. The relevant configuration option is register_long_arrays and it is decribed in the PHP Manual. phpBB 2.0.x makes use of these arrays in order to maintain backwards compatibility with early versions of PHP 4.x which is part of the original specification.<br />
For this reason we do not support PHP 5 as platform for phpBB. It has been reported working, so you can try it. It's a risk you will be taking though.</p>
 
<a name="phpsec"></a><h3 class="h3">7.i. Notice on PHP security issues</h3>
 
<p>At the end of February 2002 a <a href="http://security.e-matters.de/advisories/012002.html" target="_new">major security issue</a> was found with PHP 3 and 4 which has resulted in many hosting providers disabling file uploads (although patches fixing the security issues are available and new versions of PHP 4 have been released).</p>
 
<p>Because of this, and to cope with situations where hosts didn't allow such uploads anyway we have implemented various checks in phpBB 2. These checks prevent you from enabling or making use of functions which will not operate correctly on PHP as installed on your server. At this time this includes locally uploaded avatars and DB restore.</p>
 
<p>Third party mods may also be effected but these are outside our control, you should contact the mod writer for more information.</p>
 
<a name="disclaimer"></a><h2 class="h2"><u>8. Copyright and disclaimer</u></h2>
 
<p>This application is opensource software released under the <a href="http://www.gnu.org/licenses/gpl.html" target="_new">GPL</a>. Please see source code and the Docs directory for more details. This package and its contents are Copyright © 2002 <a href="http://www.phpbb.com/" target="_new">phpBB Group</a>, All Rights Reserved.</p>
<!-- END DOCUMENT -->
 
</td>
</tr>
</table></td>
</tr>
</table>
 
</body>
</html>
/Forum/docs/coding-guidelines.txt
0,0 → 1,26
CODING GUIDELINES : Initials by psoTFX (July 2001)
-----------------
 
* The coding style is defined in the codingstandards.html file, all attempts should be made to follow it as closely as possible
 
* All SQL should be cross-DB compatible, if DB specific SQL is used alternatives must be provided which work on all supported DB's (MySQL, MSSQL (7.0 and 2000), PostgreSQL (7.0+), Oracle8, ODBC (generalised if possible, otherwise MS Access, DB2))
 
* All SQL commands should utilise the DataBase Abstraction Layer (DBAL)
 
* All URL's (and form actions) _must_ be wrapped in append_sid, this ensures the session_id is propagated when cookies aren't available
 
* The minimum amount of data should be passed via GET or POST, checking should occur within individual scripts (to prevent spoofing of information)
 
* The auth function should be used for all authorisation checking
 
* Sessions should be initiated on each page, as near the top as possible using the session_pagestart function (userdata should be obtained by calling the init_userprefs immediately after session initialisation)
 
* Login checks should be forwarded to the login page (supplying a page to forward onto once check is complete if required)
 
* All template variables should be named appropriately (using underscores for spaces), language entries should be prefixed with L_, system data with S_, urls with U_, all other variables should be presented 'as is'.
 
* Functions used by more than page should be placed in functions.php, functions specific to one page should be placed on that page (at the top to maintain compatibility with PHP3) surrounded by comments indicating the start and end of the function block
 
* All messages/errors should be output by the message_die function using the appropriate message type (see function for details)
 
* No attempt should be made to remove any copyright information (either contained within the source or displayed interactively when the source is run/compiled), neither should the copyright information be altered in any way (it may be added to)
/Forum/docs/codingstandards.htm
0,0 → 1,327
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<!-- saved from url=(0044) -->
<HTML><HEAD><TITLE>phpBB Coding Standard Guidelines</TITLE>
<META content="text/html; charset=windows-1252" http-equiv=Content-Type>
<META content="MSHTML 5.00.2920.0" name=GENERATOR></HEAD>
<BODY aLink=#cccccc bgColor=#ffffff link=#0000ff text=#000000
vLink=#0000ff><FONT face=verdana,arial,tahoma size=-1><A name=top></A>
<H2>phpBB Coding Standard Guidelines</H2>Comments or suggestions? email <A
href="mailto:nate@phpbb.com">nate@phpbb.com</A><BR><BR><A
href="#editor">Editor
Settings</A><BR><A
href="#naming">Naming
Conventions</A><BR><A
href="#layout">Code Layout</A><BR><A
href="#general">General
Guidelines</A><BR><BR><BR><A name=editor></A><A
href="#top">top</A>
<H3>Editor Settings</H3>
<P><B>Tabs vs Spaces:</B> In order to make this as simple as possible, we will
be using tabs, not spaces. Feel free to set how many spaces your editor uses
when it <B>displays</B> tabs, but make sure that when you <B>save</B> the file,
it's saving tabs and not spaces. This way, we can each have the code be
displayed the way we like it, without breaking the layout of the actual files.
</P>
<P><B>Linefeeds:</B> Ensure that your editor is saving files in the UNIX format.
This means lines are terminated with a newline, not with a CR/LF combo as they
are on Win32, or whatever the Mac uses. Any decent Win32 editor should be able
to do this, but it might not always be the default. Know your editor. If you
want advice on Windows text editors, just ask one of the developers. Some of
them do their editing on Win32. </P><BR><BR><A name=naming></A><A
href="#top">top</A>
<H3>Naming Conventions</H3>
<P>We will not be using any form of hungarian notation in our naming
conventions. Many of us believe that hungarian naming is one of the primary code
obfuscation techniques currently in use. </P>
<P><B>Variable Names:</B> Variable names should be in all lowercase, with words
separated by an underscore. <BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;Example: <CODE><FONT
size=+1>$current_user</FONT></CODE> is right, but <CODE><FONT
size=+1>$currentuser</FONT></CODE> and <CODE><FONT
size=+1>$currentUser</FONT></CODE> are not. <BR><BR>Names should be descriptive,
but concise. We don't want huge sentences as our variable names, but typing an
extra couple of characters is always better than wondering what exactly a
certain variable is for. </P>
<P><B>Loop Indices:</B> The <I>only</I> situation where a one-character variable
name is allowed is when it's the index for some looping construct. In this case,
the index of the outer loop should always be $i. If there's a loop inside that
loop, its index should be $j, followed by $k, and so on. If the loop is being
indexed by some already-existing variable with a meaningful name, this guideline
does not apply. <BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;Example: <PRE><FONT size=+1>
for ($i = 0; $i &lt; $outer_size; $i++)
{
for ($j = 0; $j &lt; $inner_size; $j++)
{
foo($i, $j);
}
} </FONT></PRE>
<P></P>
<P><B>Function Names:</B> Functions should also be named descriptively. We're
not programming in C here, we don't want to write functions called things like
"stristr()". Again, all lower-case names with words separated by a single
underscore character. Function names should preferably have a verb in them
somewhere. Good function names are <CODE><FONT
size=+1>print_login_status()</FONT></CODE>, <CODE><FONT
size=+1>get_user_data()</FONT></CODE>, etc.. </P>
<P><B>Function Arguments:</B> Arguments are subject to the same guidelines as
variable names. We don't want a bunch of functions like: <CODE><FONT
size=+1>do_stuff($a, $b, $c)</FONT></CODE>. In most cases, we'd like to be able
to tell how to use a function by just looking at its declaration. </P>
<P><B>Summary:</B> The basic philosophy here is to not hurt code clarity for the
sake of laziness. This has to be balanced by a little bit of common sense,
though; <CODE><FONT size=+1>print_login_status_for_a_given_user()</FONT></CODE>
goes too far, for example -- that function would be better named <CODE><FONT
size=+1>print_user_login_status()</FONT></CODE> , or just <CODE><FONT
size=+1>print_login_status()</FONT></CODE>. </P><BR><BR><A name=layout></A><A
href="#top">top</A>
<H3>Code Layout</H3>
<P><B>Standard header for new files:</B> Here a template of the header that must
be included at the start of all phpBB files: <PRE><FONT size=+1>
/***************************************************************************
filename.php
-------------------
begin : Sat June 17 2000
copyright : (C) 2000 The phpBB Group
email : support@phpBB.com
$Id: codingstandards.htm,v 1.3 2001/06/09 21:00:12 natec Exp $
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
</FONT></PRE>
<P></P>
<P><B>Always include the braces:</B> This is another case of being too lazy to
type 2 extra characters causing problems with code clarity. Even if the body of
some construct is only one line long, do <I>not</I> drop the braces. Just don't.
<BR><BR>&nbsp;&nbsp;&nbsp;Examples:<PRE><FONT size=+1>
/* These are all wrong. */
if (condition) do_stuff();
if (condition)
do_stuff();
while (condition)
do_stuff();
for ($i = 0; $i &lt; size; $i++)
do_stuff($i);
/* These are right. */
if (condition)
{
do_stuff();
}
while (condition)
{
do_stuff();
}
for ($i = 0; $i &lt; size; $i++)
{
do_stuff();
}
</FONT></PRE>
<P></P>
<P><B>Where to put the braces:</B> This one is a bit of a holy war, but we're
going to use a style that can be summed up in one sentence: Braces always go on
their own line. The closing brace should also always be at the same column as
the corresponding opening brace. <BR><BR>&nbsp;&nbsp;&nbsp;Examples:<PRE><FONT size=+1>
if (condition)
{
while (condition2)
{
...
}
}
else
{
...
}
 
for ($i = 0; $i &lt; $size; $i++)
{
...
}
while (condition)
{
...
}
function do_stuff()
{
...
}
</FONT></PRE>
<P></P>
<P><B>Use spaces between tokens:</B> This is another simple, easy step that
helps keep code readable without much effort. Whenever you write an assignment,
expression, etc.. Always leave <I>one</I> space between the tokens. Basically,
write code as if it was English. Put spaces between variable names and
operators. Don't put spaces just after an opening bracket or before a closing
bracket. Don't put spaces just before a comma or a semicolon. This is best shown
with a few examples. <BR><BR>&nbsp;&nbsp;&nbsp;Examples:<PRE><FONT size=+1>
/* Each pair shows the wrong way followed by the right way. */
$i=0;
$i = 0;
if($i&lt;7) ...
if ($i &lt; 7) ...
if ( ($i &lt; 7)&amp;&amp;($j &gt; 8) ) ...
if (($i &lt; 7) &amp;&amp; ($j &gt; 8)) ...
do_stuff( $i, "foo", $b );
do_stuff($i, "foo", $b);
for($i=0; $i&lt;$size; $i++) ...
for($i = 0; $i &lt; $size; $i++) ...
$i=($j &lt; $size)?0:1;
$i = ($j &lt; $size) ? 0 : 1;
</FONT></PRE>
<P></P>
<P><B>Operator precedence:</B> Do you know the exact precedence of all the
operators in PHP? Neither do I. Don't guess. Always make it obvious by using
brackets to force the precedence of an equation so you know what it does.
<BR><BR>&nbsp;&nbsp;&nbsp;Examples:<PRE><FONT size=+1>
/* what's the result? who knows. */
$bool = ($i &lt; 7 &amp;&amp; $j &gt; 8 || $k == 4);
/* now you can be certain what I'm doing here. */
$bool = (($i &lt; 7) &amp;&amp; (($j &lt; 8) || ($k == 4)))
</FONT></PRE>
<P></P>
<P><B>SQL code layout:</B> Since we'll all be using different editor settings,
don't try to do anything complex like aligning columns in SQL code. Do, however,
break statements onto their own lines. Here's a sample of how SQL code should
look. Note where the lines break, the capitalization, and the use of brackets.
<BR><BR>&nbsp;&nbsp;&nbsp;Examples:<PRE><FONT size=+1>
SELECT field1 AS something, field2, field3
FROM table a, table b
WHERE (this = that) AND (this2 = that2)
</FONT></PRE>
<P></P>
<P><B>SQL insert statements:</B> SQL INSERT statements can be written in two
different ways. Either you specify explicitly the columns being inserted, or
you rely on knowing the order of the columns in the database and do not
specify them. We want to use the former approach, where it is explicitly
stated whcih columns are being inserted. This means our application-level code
will not depend on the order of the fields in the database, and will not be broken
if we add additional fields (unless they're specified as NOT NULL, of course).
<BR><BR>&nbsp;&nbsp;&nbsp;Examples:<PRE><FONT size=+1>
# This is not what we want.
INSERT INTO mytable
VALUES ('something', 1, 'else')
# This is correct.
INSERT INTO mytable (column1, column2, column3)
VALUES ('something', 1, 'else')
</FONT></PRE>
<P></P><BR><BR><A name=general></A><A
href="#top">top</A>
<H3>General Guidelines</H3>
<P><B>Quoting strings:</B> There are two different ways to quote strings in PHP
- either with single quotes or with double quotes. The main difference is that
the parser does variable interpolation in double-quoted strings, but not in
single quoted strings. Because of this, you should <I>always</I> use single
quotes <I>unless</I> you specifically need variable interpolation to be done on
that string. This way, we can save the parser the trouble of parsing a bunch of
strings where no interpolation needs to be done. Also, if you are using a string
variable as part of a function call, you do not need to enclose that variable in
quotes. Again, this will just make unnecessary work for the parser. Note,
however, that nearly all of the escape sequences that exist for double-quoted
strings will not work with single-quoted strings. Be careful, and feel free to
break this guideline if it's making your code harder to read.
<BR><BR>&nbsp;&nbsp;&nbsp;Examples:<PRE><FONT size=+1>
/* wrong */
$str = "This is a really long string with no variables for the parser to find.";
do_stuff("$str");
/* right */
$str = 'This is a really long string with no variables for the parser to find.';
do_stuff($str);
</FONT></PRE>
<P></P>
<P><B>Associative array keys:</B> In PHP, it's legal to use a literal string as
a key to an associative array without quoting that string. We don't want to do
this -- the string should always be quoted to avoid confusion. Note that this is
only when we're using a literal, not when we're using a variable.
<BR><BR>&nbsp;&nbsp;&nbsp;Examples:<PRE><FONT size=+1>
/* wrong */
$foo = $assoc_array[blah];
/* right */
$foo = $assoc_array['blah'];
</FONT></PRE>
<P></P>
<P><B>Comments:</B> Each function should be preceded by a comment that tells a
programmer everything they need to know to use that function. The meaning of
every parameter, the expected input, and the output are required as a minimal
comment. The function's behaviour in error conditions (and what those error
conditions are) should also be present. Nobody should have to look at the actual
source of a function in order to be able to call it with confidence in their own
code. <BR><BR>In addition, commenting any tricky, obscure, or otherwise
not-immediately-obvious code is clearly something we should be doing. Especially
important to document are any assumptions your code makes, or preconditions for
its proper operation. Any one of the developers should be able to look at any
part of the application and figure out what's going on in a reasonable amount of
time. </P>
<P><B>Magic numbers:</B> Don't use them. Use named constants for any literal
value other than obvious special cases. Basically, it's OK to check if an array
has 0 elements by using the literal 0. It's not OK to assign some special
meaning to a number and then use it everywhere as a literal. This hurts
readability AND maintainability. Included in this guideline is that we should be
using the constants TRUE and FALSE in place of the literals 1 and 0 -- even
though they have the same values, it's more obvious what the actual logic is
when you use the named constants. </P>
<P><B>Shortcut operators:</B> The only shortcut operators that cause readability
problems are the shortcut increment ($i++) and decrement ($j--) operators. These
operators should not be used as part of an expression. They can, however, be
used on their own line. Using them in expressions is just not worth the
headaches when debugging. <BR><BR>&nbsp;&nbsp;&nbsp;Examples:<PRE><FONT size=+1>
/* wrong */
$array[++$i] = $j;
$array[$i++] = $k;
/* right */
$i++;
$array[$i] = $j;
$array[$i] = $k;
$i++;
</FONT></PRE>
<P></P>
<P><B>Inline conditionals:</B> Inline conditionals should only be used to do
very simple things. Preferably, they will only be used to do assignments, and
not for function calls or anything complex at all. They can be harmful to
readability if used incorrectly, so don't fall in love with saving typing by
using them. <BR><BR>&nbsp;&nbsp;&nbsp;Examples:<PRE><FONT size=+1>
/* Bad place to use them */
(($i &lt; $size) &amp;&amp; ($j &gt; $size)) ? do_stuff($foo) : do_stuff($bar);
/* OK place to use them */
$min = ($i &lt; $j) ? $i : $j;
</FONT></PRE>
<P></P>
<P><B>Don't use uninitialized variables.</B> for phpBB 2, we intend to use a
higher level of run-time error reporting. This will mean that the use of an
uninitialized variable will be reported as an error. This will come up most
often when checking which HTML form variables were passed. These errors can be
avoided by using the built-in isset() function to check whether a variable has
been set. <BR><BR>&nbsp;&nbsp;&nbsp;Examples:<PRE><FONT size=+1>
/* Old way */
if ($forum) ...
/* New way */
if (isset($forum)) ...
</FONT></PRE>
<P></P><BR><BR><A href="#top">Return
to top</A> </FONT></BODY></HTML>